compliance controls are associated with this Policy definition 'Enable detection of network devices' (426c172c-9914-10d1-25dd-669641fc1af4)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| FedRAMP_High_R4 |
CM-8(3) |
FedRAMP_High_R4_CM-8(3) |
FedRAMP High CM-8 (3) |
Configuration Management |
Automated Unauthorized Component Detection |
Shared |
n/a |
The organization:
(a) Employs automated mechanisms [Assignment: organization-defined frequency] to detect the presence of unauthorized hardware, software, and firmware components within the information system; and
(b) Takes the following actions when unauthorized components are detected: [Selection (one or more): disables network access by such components; isolates the components; notifies [Assignment: organization-defined personnel or roles]].
Supplemental Guidance: This control enhancement is applied in addition to the monitoring for unauthorized remote connections and mobile devices. Monitoring for unauthorized system components may be accomplished on an ongoing basis or by the periodic scanning of systems for that purpose. Automated mechanisms can be implemented within information systems or in other separate devices. Isolation can be achieved, for example, by placing unauthorized information system components in separate domains or subnets or otherwise quarantining such components. This type of component isolation is commonly referred to as sandboxing. Related controls: AC-17, AC-18, AC-19, CA-7, SI-3, SI-4, SI-7, RA-5. |
link |
2 |
| FedRAMP_Moderate_R4 |
CM-8(3) |
FedRAMP_Moderate_R4_CM-8(3) |
FedRAMP Moderate CM-8 (3) |
Configuration Management |
Automated Unauthorized Component Detection |
Shared |
n/a |
The organization:
(a) Employs automated mechanisms [Assignment: organization-defined frequency] to detect the presence of unauthorized hardware, software, and firmware components within the information system; and
(b) Takes the following actions when unauthorized components are detected: [Selection (one or more): disables network access by such components; isolates the components; notifies [Assignment: organization-defined personnel or roles]].
Supplemental Guidance: This control enhancement is applied in addition to the monitoring for unauthorized remote connections and mobile devices. Monitoring for unauthorized system components may be accomplished on an ongoing basis or by the periodic scanning of systems for that purpose. Automated mechanisms can be implemented within information systems or in other separate devices. Isolation can be achieved, for example, by placing unauthorized information system components in separate domains or subnets or otherwise quarantining such components. This type of component isolation is commonly referred to as sandboxing. Related controls: AC-17, AC-18, AC-19, CA-7, SI-3, SI-4, SI-7, RA-5. |
link |
2 |
| hipaa |
0724.07a3Organizational.4-07.a |
hipaa-0724.07a3Organizational.4-07.a |
0724.07a3Organizational.4-07.a |
07 Vulnerability Management |
0724.07a3Organizational.4-07.a 07.01 Responsibility for Assets |
Shared |
n/a |
The organization employs automated mechanisms to scan the network, no less than weekly, to detect the presence of unauthorized components/devices (including hardware, firmware and software) in the environment; and disables network access by such components/devices or notify designated organizational officials. |
|
6 |
| hipaa |
1119.01j2Organizational.3-01.j |
hipaa-1119.01j2Organizational.3-01.j |
1119.01j2Organizational.3-01.j |
11 Access Control |
1119.01j2Organizational.3-01.j 01.04 Network Access Control |
Shared |
n/a |
Network equipment is checked for unanticipated dial-up capabilities. |
|
5 |
| hipaa |
1504.06e1Organizational.34-06.e |
hipaa-1504.06e1Organizational.34-06.e |
1504.06e1Organizational.34-06.e |
15 Incident Management |
1504.06e1Organizational.34-06.e 06.01 Compliance with Legal Requirements |
Shared |
n/a |
Management approves the use of information assets and takes appropriate action when unauthorized activity occurs. |
|
16 |
| ISO27001-2013 |
A.9.1.2 |
ISO27001-2013_A.9.1.2 |
ISO 27001:2013 A.9.1.2 |
Access Control |
Access to networks and network services |
Shared |
n/a |
Users shall only be provided with access to the network and network services that they have been specifically authorized to use. |
link |
29 |
| ISO27001-2013 |
A.9.2.1 |
ISO27001-2013_A.9.2.1 |
ISO 27001:2013 A.9.2.1 |
Access Control |
User registration and de-registration |
Shared |
n/a |
A formal user registration and de-registration process shall be implemented to enable assignment of access rights. |
link |
27 |
| ISO27001-2013 |
A.9.4.2 |
ISO27001-2013_A.9.4.2 |
ISO 27001:2013 A.9.4.2 |
Access Control |
Secure log-on procedures |
Shared |
n/a |
Where required by the access control policy, access to systems and applications shall be controlled by a secure log-on procedure. |
link |
17 |
| NIST_SP_800-53_R4 |
CM-8(3) |
NIST_SP_800-53_R4_CM-8(3) |
NIST SP 800-53 Rev. 4 CM-8 (3) |
Configuration Management |
Automated Unauthorized Component Detection |
Shared |
n/a |
The organization:
(a) Employs automated mechanisms [Assignment: organization-defined frequency] to detect the presence of unauthorized hardware, software, and firmware components within the information system; and
(b) Takes the following actions when unauthorized components are detected: [Selection (one or more): disables network access by such components; isolates the components; notifies [Assignment: organization-defined personnel or roles]].
Supplemental Guidance: This control enhancement is applied in addition to the monitoring for unauthorized remote connections and mobile devices. Monitoring for unauthorized system components may be accomplished on an ongoing basis or by the periodic scanning of systems for that purpose. Automated mechanisms can be implemented within information systems or in other separate devices. Isolation can be achieved, for example, by placing unauthorized information system components in separate domains or subnets or otherwise quarantining such components. This type of component isolation is commonly referred to as sandboxing. Related controls: AC-17, AC-18, AC-19, CA-7, SI-3, SI-4, SI-7, RA-5. |
link |
2 |
| NIST_SP_800-53_R5 |
CM-8(3) |
NIST_SP_800-53_R5_CM-8(3) |
NIST SP 800-53 Rev. 5 CM-8 (3) |
Configuration Management |
Automated Unauthorized Component Detection |
Shared |
n/a |
(a) Detect the presence of unauthorized hardware, software, and firmware components within the system using [Assignment: organization-defined automated mechanisms] [Assignment: organization-defined frequency]; and
(b) Take the following actions when unauthorized components are detected: [Selection (OneOrMore): disable network access by such components;isolate the components;notify [Assignment: organization-defined personnel or roles] ] . |
link |
2 |
|
op.acc.1 Identification |
op.acc.1 Identification |
404 not found |
|
|
|
n/a |
n/a |
|
66 |
|
op.acc.2 Access requirements |
op.acc.2 Access requirements |
404 not found |
|
|
|
n/a |
n/a |
|
64 |
|
op.acc.5 Authentication mechanism (external users) |
op.acc.5 Authentication mechanism (external users) |
404 not found |
|
|
|
n/a |
n/a |
|
72 |
|
op.acc.6 Authentication mechanism (organization users) |
op.acc.6 Authentication mechanism (organization users) |
404 not found |
|
|
|
n/a |
n/a |
|
78 |
|
op.ext.4 Interconnection of systems |
op.ext.4 Interconnection of systems |
404 not found |
|
|
|
n/a |
n/a |
|
68 |
| SOC_2 |
CC7.1 |
SOC_2_CC7.1 |
SOC 2 Type 2 CC7.1 |
System Operations |
Detection and monitoring of new vulnerabilities |
Shared |
The customer is responsible for implementing this recommendation. |
• Uses Defined Configuration Standards — Management has defined configuration
standards.
• Monitors Infrastructure and Software — The entity monitors infrastructure and
software for noncompliance with the standards, which could threaten the achievement of the entity's objectives.
• Implements Change-Detection Mechanisms — The IT system includes a changedetection mechanism (for example, file integrity monitoring tools) to alert personnel
to unauthorized modifications of critical system files, configuration files, or content
files.
• Detects Unknown or Unauthorized Components — Procedures are in place to detect the introduction of unknown or unauthorized components.
• Conducts Vulnerability Scans — The entity conducts vulnerability scans designed to
identify potential vulnerabilities or misconfigurations on a periodic basis and after
any significant change in the environment and takes action to remediate identified
deficiencies on a timely basis |
|
17 |