Make sure one user or process can't read leftover CUI from shared memory, cache, or storage.
What it actually means
Shared system resources — memory, cache, temporary storage — shouldn't let information leak from one user or process to another. On modern, supported operating systems this is largely handled by built-in object-reuse protections, so the practical task is to run current, patched operating systems and not disable those protections.
Pass or fail — an assessor needs a "yes" to each
- Are you running current, supported operating systems that clear or zero reused resources by default?
- Have you avoided configurations that disable object-reuse / memory-protection features?
What to have ready
- OS inventory showing supported, patched versions
- Baseline configuration confirming memory / object-reuse protections aren't disabled
Where teams trip up
- Running end-of-life operating systems that lack modern object-reuse protections
- Assuming it's 'automatic' without documenting that you rely on the OS for it
See where this control puts your score
Run all 110 requirements free in about 10 minutes.
Calculate your SPRS score →