compliance controls are associated with this Policy definition 'Virtual network firewall rule on Azure SQL Database should be enabled to allow traffic from the specified subnet' (77e8b146-0078-4fb2-b002-e112381199f0)
| Control Domain | Control | Name | MetadataId | Category | Title | Owner | Requirements | Description | Info | Policy# |
|---|---|---|---|---|---|---|---|---|---|---|
| CMMC_L2_v1.9.0 | AC.L2_3.1.3 | CMMC_L2_v1.9.0_AC.L2_3.1.3 | Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 AC.L2 3.1.3 | Access Control | Control CUI Flow | Shared | Control the flow of CUI in accordance with approved authorizations. | To regulate the flow of Controlled Unclassified Information (CUI) in accordance with approved authorizations | | 45 |
| CMMC_L2_v1.9.0 | SC.L2_3.13.6 | CMMC_L2_v1.9.0_SC.L2_3.13.6 | Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 SC.L2 3.13.6 | System and Communications Protection | Network Communication by Exception | Shared | Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception). | To minimise the attack surface and reduce the risk of unauthorized access or malicious activities on their networks. | | 4 |
| | mp.com.1 Secure perimeter | mp.com.1 Secure perimeter | 404 not found | | | | n/a | n/a | | 49 |
| PCI_DSS_v4.0.1 | 1.3.1 | PCI_DSS_v4.0.1_1.3.1 | PCI DSS v4.0.1 1.3.1 | Install and Maintain Network Security Controls | Inbound traffic to the CDE is restricted to only traffic that is necessary and all other traffic is specifically denied | Shared | n/a | Examine configuration standards for NSCs to verify that they define restricting inbound traffic to the CDE in accordance with all elements specified in this requirement. Examine configurations of NSCs to verify that inbound traffic to the CDE is restricted in accordance with all elements specified in this requirement | | 4 |
| PCI_DSS_v4.0.1 | 1.3.2 | PCI_DSS_v4.0.1_1.3.2 | PCI DSS v4.0.1 1.3.2 | Install and Maintain Network Security Controls | Outbound traffic from the CDE is restricted to only traffic that is necessary and all other traffic is specifically denied | Shared | n/a | Examine configuration standards for NSCs to verify that they define restricting outbound traffic from the CDE in accordance with all elements specified in this requirement. Examine configurations of NSCs to verify that outbound traffic from the CDE is restricted in accordance with all elements specified in this requirement | | 4 |
| PCI_DSS_v4.0.1 | 1.4.2 | PCI_DSS_v4.0.1_1.4.2 | PCI DSS v4.0.1 1.4.2 | Install and Maintain Network Security Controls | Inbound traffic from untrusted networks to trusted networks is restricted to communications with system components that are authorized to provide publicly accessible services, protocols, and ports, stateful responses to communications initiated by system components in a trusted network, and all other traffic is denied | Shared | n/a | Examine vendor documentation and configurations of NSCs to verify that inbound traffic from untrusted networks to trusted networks is restricted in accordance with all elements specified in this requirement | | 4 |
| RMiT_v1.0 | Appendix_5.6 | RMiT_v1.0_Appendix_5.6 | RMiT Appendix 5.6 | Control Measures on Cybersecurity | Control Measures on Cybersecurity - Appendix 5.6 | Customer | n/a | Ensure security controls for remote access to server include the following: (a) restrict access to only hardened and locked down end-point devices; (b) use secure tunnels such as TLS and VPN IPSec; (c) deploy ‘gateway’ server with adequate perimeter defences and protection such as firewall, IPS and antivirus; and (d) close relevant ports immediately upon expiry of remote access. | link | 19 |