NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION

SC-36(1)Polling Techniques

Employ polling techniques to identify potential faults, errors, or compromises to the following processing and storage components: {{ insert: param, sc-36.01_odp.01 }} ; and Take the following actions in response to identified faults, errors, or compromises: {{ insert: param, sc-36.01_odp.02 }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

Distributed processing and/or storage may be used to reduce opportunities for adversaries to compromise the confidentiality, integrity, or availability of organizational information and systems. However, the distribution of processing and storage components does not prevent adversaries from compromising one or more of the components. Polling compares the processing results and/or storage content from the distributed components and subsequently votes on the outcomes. Polling identifies potential faults, compromises, or errors in the distributed processing and storage components.

Practitioner Notes

Use polling techniques to verify the integrity and consistency of distributed data — periodically checking that copies at different locations match.

Example 1: Configure your database replication monitoring to run periodic consistency checks between primary and replica databases. SQL Server DBCC CHECKDB can verify data integrity, and replication latency monitors ensure replicas stay in sync.

Example 2: Use file integrity monitoring (like Tripwire or OSSEC) across distributed file stores. Periodically compare checksums of critical files between locations. Discrepancies trigger alerts that could indicate tampering or replication failures.

More System and Communications Protection Controls

SC-1 Policy and Procedures SC-2 Separation of System and User Functionality SC-2(1) Interfaces for Non-privileged Users SC-2(2) Disassociability