SI-10: Information Input Validation
NIST Baseline: Moderate
DIR Required By: 07/20/2023
Review Date: 08/22/2024
- Information resource owners or custodians of Tarleton State University (Tarleton) information systems, in coordination with the Tarleton Chief Information Security Officer (CISO), should ensure that the validity of information inputs by:
- Checking the valid syntax and semantics of system inputs (e.g., character set, length, numerical range, and acceptable values).
- Prescreen and validate inputs before passing to interpreters to prevent the content from being unintentionally interpreted as commands.