Practice Information Flashcards
Info from Discussion
SI.14.2 - Malicious Code Protection
5 Points
800-83 for Malware Incident guidance
SI.14.3 - Security Alerts & Advisories
5 Points
NIST SP 800-161 SCRM
SI.14.6 - Monitor Communications for Attack
5 Points
NIST SP 800-94 for IDS/IPS
Supports AU.L2-3.1.1 - System Auditing
SI 14.7 - Identify Unauthorized Use
5 Points
Related to: 3.1.1, 3.3.1, 3.5.1, 3.5.2
AC. 1.1 - Authorized Access Control
5 Points
Leverages 3.5.1 (identification)
AC. 1.3 - Control CUI Flow
1 Point
NIST SP 800-41 Guidance on firewalls and firewall policy
NIST SP 800-125B Guidance on security for virtualization technologies
AC. 1.7 - Privileged Functions
1 Point
Leverages AU-3.3.2, which ensures logging and traceability of user actions
Extends AC-3.1.2 which defined requirements to limit types of transactions
AC. 1.12 - Control Remote Access
5 points
*Do not subtract points if remote access is not permitted.
NIST SP 800-46, 77, 113 Guidance on secure remote access and VPNs
Complements 5 other Remote Access practices: AC.3.1.14 (remote access routing), 3.1.13 (crypto for remote), 3.1.15 (auth’d priv cmds for remote), IA.3.5.3 (MFA), MA.3.7.5 (MFA remote maintenance)
AC 1.13 - Remote Access Confidentiality
5 points
Complements 5 other practices: AC.3.1.14 (remote access routing), 3.1.12 (Control Remote Access), 3.1.15 (auth’d priv cmds for remote), IA.3.5.3 (MFA), MA.3.7.5 (MFA remote maintenance)
AC 1.14 - Remote Access Routing
1 Point
Complements 5 other practices:
3.1.12 (Control Remote Access), 3.1.13 (crypto for remote), 3.1.15 (auth’d priv cmds for remote), IA.3.5.3 (MFA), MA.3.7.5 (MFA remote maintenance)
AC 1.15 - Privileged Remote Access
1 point
Complements 5 other Remote Access practices: AC.3.1.14 (remote access routing), 3.1.13 (crypto for remote), 3.1.12 (Control Remote Access), IA.3.5.3 (MFA), MA.3.7.5 (MFA remote maintenance)
AC. 1.16 - Wireless Access Authorization
AC 1.17 - Wireless Access Protection
AC 1.18 - Mobile Device Connection
5 points
Complementary Practices: AC.3.1.16 (Wx Access Auth), AC.3.1.17 (Wx Access Protection), and AC.3.1.18 (Mobile Device Connection)
AC 1.19 - Encrypt CUI on Mobile
3 points
Extends three other CUI protection practices: MP.3.8.1 (CUI media protection), MP.3.8.2 (limit access to CUI), SC.3.13.16 (CUI data at rest)
Leverages SC.3.13.11 (FIPS), and SC.3.13.10 (crypto key management)
AU.3.2 - User Accountability
3 points
Supports AC.3.1.7 (control non-priv users) and others on auditing, CM, IR, and situation awareness
AU.3.3 - Event Review
1 point
Focused on configuration of auditing system, NOT the review of audit records.