| πΌ SC-1 Policy and Procedures (L)(M)(H) | | | | |
| πΌ SC-2 Separation of System and User Functionality (M)(H) | | | | |
| πΌ SC-4 Information in Shared System Resources (M)(H) | | | | |
| πΌ SC-5 Denial-of-service Protection (L)(M)(H) | | | | |
| πΌ SC-7 Boundary Protection (L)(M)(H) | 7 | | 23 | |
| πΌ SC-7(3) Access Points (M)(H) | | | 2 | |
| πΌ SC-7(4) External Telecommunications Services (M)(H) | | | 17 | |
| πΌ SC-7(5) Deny by Default β Allow by Exception (M)(H) | | | 18 | |
| πΌ SC-7(7) Split Tunneling for Remote Devices (M)(H) | | | | |
| πΌ SC-7(8) Route Traffic to Authenticated Proxy Servers (M)(H) | | | | |
| πΌ SC-7(12) Host-based Protection (M)(H) | | | | |
| πΌ SC-7(18) Fail Secure (M)(H) | | | | |
| πΌ SC-8 Transmission Confidentiality and Integrity (L)(M)(H) | 1 | | 8 | |
| πΌ SC-8(1) Cryptographic Protection (L)(M)(H) | | | 10 | |
| πΌ SC-10 Network Disconnect (M)(H) | | | | |
| πΌ SC-12 Cryptographic Key Establishment and Management (L)(M)(H) | | | 11 | |
| πΌ SC-13 Cryptographic Protection (L)(M)(H) | | | 16 | |
| πΌ SC-15 Collaborative Computing Devices and Applications (L)(M)(H) | | | | |
| πΌ SC-17 Public Key Infrastructure Certificates (M)(H) | | | 1 | |
| πΌ SC-18 Mobile Code (M)(H) | | | | |
| πΌ SC-20 Secure Name/Address Resolution Service (Authoritative Source) (L)(M)(H) | | | | |
| πΌ SC-21 Secure Name/Address Resolution Service (Recursive or Caching Resolver) (L)(M)(H) | | | | |
| πΌ SC-22 Architecture and Provisioning for Name/Address Resolution Service (L)(M)(H) | | | | |
| πΌ SC-23 Session Authenticity (M)(H) | | | 7 | |
| πΌ SC-28 Protection of Information at Rest (L)(M)(H) | 1 | | 15 | |
| πΌ SC-28(1) Cryptographic Protection (L)(M)(H) | | | 12 | |
| πΌ SC-39 Process Isolation (L)(M)(H) | | | | |
| πΌ SC-45 System Time Synchronization (M)(H) | 1 | | | |
| πΌ SC-45(1) Synchronization with Authoritative Time Source (M)(H) | | | | |