Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Additional metadata
Name/Id: CMA_0147 / CMA_0147 Category: Documentation Title: Develop and document a DDoS response plan Ownership: Customer Description: Microsoft recommends that your organization develop and document a denial of service response plan that will guide your organization on how to prepare for a DDoS attack, what to do if one hits, and how to respond to the attack. The plan should include procedures around:
- How to identify signs of a denial of service
- How to identify the source of a denial of service
- How capabilities can be maintained during a denial of service
- What actions can be taken to clear a denial of service.
Microsoft recommends your organization include monitoring, use of logs and access control lists, firewalls, gateways, redundancies, load balancing, failover, and other communication paths in Denial of Service response plans. Requirements: The customer is responsible for implementing this recommendation.
The following 5 compliance controls are associated with this Policy definition 'Develop and document a DDoS response plan' (b7306e73-0494-83a2-31f5-280e934a8f70)
The information system protects against or limits the effects of the following types of denial of service attacks: [Assignment: organization-defined types of denial of service attacks or reference to source for such information] by employing [Assignment: organization-defined security safeguards].
Supplemental Guidance: A variety of technologies exist to limit, or in some cases, eliminate the effects of denial of service attacks. For example, boundary protection devices can filter certain types of packets to protect information system components on internal organizational networks from being directly affected by denial of service attacks. Employing increased capacity and bandwidth combined with service redundancy may also reduce the susceptibility to denial of service attacks. Related controls: SC-6, SC-7.
References: None.
The information system protects against or limits the effects of the following types of denial of service attacks: [Assignment: organization-defined types of denial of service attacks or reference to source for such information] by employing [Assignment: organization-defined security safeguards].
Supplemental Guidance: A variety of technologies exist to limit, or in some cases, eliminate the effects of denial of service attacks. For example, boundary protection devices can filter certain types of packets to protect information system components on internal organizational networks from being directly affected by denial of service attacks. Employing increased capacity and bandwidth combined with service redundancy may also reduce the susceptibility to denial of service attacks. Related controls: SC-6, SC-7.
References: None.
The information system protects against or limits the effects of the following types of denial of service attacks: [Assignment: organization-defined types of denial of service attacks or reference to source for such information] by employing [Assignment: organization-defined security safeguards].
Supplemental Guidance: A variety of technologies exist to limit, or in some cases, eliminate the effects of denial of service attacks. For example, boundary protection devices can filter certain types of packets to protect information system components on internal organizational networks from being directly affected by denial of service attacks. Employing increased capacity and bandwidth combined with service redundancy may also reduce the susceptibility to denial of service attacks. Related controls: SC-6, SC-7.
References: None.
a. [Selection: Protect against;Limit] the effects of the following types of denial-of-service events: [Assignment: organization-defined types of denial-of-service events]; and
b. Employ the following controls to achieve the denial-of-service objective: [Assignment: organization-defined controls by type of denial-of-service event].