Cyber Security - Defend Flashcards
DE.AE-1
A baseline of network operations and expected data flows for users and systems is established and managed
DE.AE-2
Detected events are analyzed to understand attack targets and methods
DE.AE-3
Event data are aggregated and correlated from multiple sources and sensors
DE.AE-4
Impact of events is determined
DE.AE-5
Incident alert thresholds are established
DE.CM-1
The network is monitored to detect potential cybersecurity events
DE.CM-2
The physical environment is monitored to detect potential cybersecurity events
DE.CM-3
Personnel activity is monitored to detect potential cybersecurity events
DE.CM-4
Malicious code is detected
DE.CM-5
Unauthorized mobile code is detected
DE.CM-6
External service provider activity is monitored to detect potential cybersecurity events
DE.CM-7
Monitoring for unauthorized personnel, connections, devices, and software is performed
DE.CM-8
Vulnerability scans are performed
DE.DP-1
Roles and responsibilities for detection are well defined to ensure accountability
DE.DP-2
Detection activities comply with all applicable requirements