3.13
System and Communications Protection
16 controls · 6 weighted 5 points · NIST SP 800-171 Rev 2
3.13.1Monitor, control, and protect communications at boundaries5 points
3.13.2Employ architectural designs and engineering principles for security5 points
3.13.3Separate user functionality from system management functionality1 point
3.13.4Prevent unauthorized and unintended information transfer via shared resources1 point
3.13.5Implement subnetworks for publicly accessible components (DMZ)5 points
3.13.6Deny network traffic by default and allow by exception5 points
3.13.7Prevent remote devices from split tunneling into the network1 point
3.13.8Use cryptographic mechanisms to protect CUI in transmission3 points
3.13.9Terminate network connections at end of sessions or after inactivity1 point
3.13.10Establish and manage cryptographic keys1 point
3.13.11Employ FIPS-validated cryptography to protect CUIUp to 5 points (conditional)
3.13.12Prohibit remote activation of collaborative devices; indicate use1 point
3.13.13Control and monitor use of mobile code1 point
3.13.14Control and monitor use of VoIP technologies1 point
3.13.15Protect the authenticity of communications sessions5 points
3.13.16Protect the confidentiality of CUI at rest1 point
Estimate your SPRS score in 2 minutes
15 quick questions across the highest-impact controls — instant estimate, no signup.
Estimate my SPRS score →Source: NIST SP 800-171 Rev 2 (public domain) · SPRS weighting per the DoD Assessment Methodology