NIST 800-171 v2
110 security requirements available
Media Protection
Security Requirement
Mark media with necessary CUI markings and distribution limitations.[27]
Discussion
The term security marking refers to the application or use of human-readable security attributes. System media includes digital and non-digital media. Marking of system media reflects applicable federal laws, Executive Orders, directives, policies, and regulations. See [NARA MARK]. [27] The implementation of this requirement is per marking guidance in [32 CFR 2002] and [NARA CUI]. Standard Form (SF) 902 (approximate size 2.125” x 1.25”) and SF 903 (approximate size 2.125” x .625”) can be used on media that contains CUI such as hard drives, or USB devices. Both forms are available from https://www.gsaadvantage.gov.
- Framework
- NIST SP 800-171 Rev 2
- Family
- Media Protection
- Requirement Type
- derived
Related Frameworks
5 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI4 mappings
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
2 STIGs reach this control through 4 CCIs via 800-53 control MP-3. Expand a row to see the responsible NICE and O*NET roles.