last sync: 2023-Jan-27 18:40:07 UTC

Azure Policy definition

Verify security functions

Name: Verify security functions
Id: ece8bb17-4080-5127-915f-dc7267ee8549
Version: 1.1.0
Category: Regulatory Compliance
Description: CMA_C1708 - Verify security functions
Mode: All
Type: BuiltIn
Preview: FALSE
Deprecated: FALSE
Effect (Default): Manual
Effect (Allowed): Manual, Disabled
RBAC Role(s): none
Rule Aliases:
Rule ResourceTypes: IF (1) Microsoft.Resources/subscriptions
Compliance
The following 11 compliance controls are associated with this Policy definition 'Verify security functions' (ece8bb17-4080-5127-915f-dc7267ee8549)
Control Domain | Control | Name | MetadataId | Category | Title | Owner | Requirements | Description | Info | Policy#
CIS_Azure_1.1.0 | 6.5 | CIS_Azure_1.1.0_6.5 | CIS Microsoft Azure Foundations Benchmark recommendation 6.5 | 6 Networking | Ensure that Network Watcher is 'Enabled' | Shared | The customer is responsible for implementing this recommendation. | Enable Network Watcher for Azure subscriptions. | link | 2
CIS_Azure_1.3.0 | 6.5 | CIS_Azure_1.3.0_6.5 | CIS Microsoft Azure Foundations Benchmark recommendation 6.5 | 6 Networking | Ensure that Network Watcher is 'Enabled' | Shared | The customer is responsible for implementing this recommendation. | Enable Network Watcher for Azure subscriptions. | link | 2
CIS_Azure_1.4.0 | 6.5 | CIS_Azure_1.4.0_6.5 | CIS Microsoft Azure Foundations Benchmark recommendation 6.5 | 6 Networking | Ensure that Network Watcher is 'Enabled' | Shared | The customer is responsible for implementing this recommendation. | Enable Network Watcher for Azure subscriptions. | link | 2
FedRAMP_High_R4 | SI-6 | FedRAMP_High_R4_SI-6 | FedRAMP High SI-6 | System And Information Integrity | Security Function Verification | Shared | n/a | The information system: a. Verifies the correct operation of [Assignment: organization-defined security functions]; b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]]; c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered. Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6. References: None. | link | 4
FedRAMP_Moderate_R4 | SI-6 | FedRAMP_Moderate_R4_SI-6 | FedRAMP Moderate SI-6 | System And Information Integrity | Security Function Verification | Shared | n/a | The information system: a. Verifies the correct operation of [Assignment: organization-defined security functions]; b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]]; c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered. Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6. References: None. | link | 4
hipaa | 0204.09j2Organizational.1-09.j | hipaa-0204.09j2Organizational.1-09.j | 0204.09j2Organizational.1-09.j | 02 Endpoint Protection | 0204.09j2Organizational.1-09.j 09.04 Protection Against Malicious and Mobile Code | Shared | n/a | Scans for malicious software are performed on boot and every 12 hours. | | 11
NIST_SP_800-53_R4 | SI-6 | NIST_SP_800-53_R4_SI-6 | NIST SP 800-53 Rev. 4 SI-6 | System And Information Integrity | Security Function Verification | Shared | n/a | The information system: a. Verifies the correct operation of [Assignment: organization-defined security functions]; b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]]; c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered. Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6. References: None. | link | 4
NIST_SP_800-53_R5 | SI-6 | NIST_SP_800-53_R5_SI-6 | NIST SP 800-53 Rev. 5 SI-6 | System and Information Integrity | Security and Privacy Function Verification | Shared | n/a | a. Verify the correct operation of [Assignment: organization-defined security and privacy functions]; b. Perform the verification of the functions specified in SI-6a [Selection (OneOrMore): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]]; c. Alert [Assignment: organization-defined personnel or roles] to failed security and privacy verification tests; and d. [Selection (OneOrMore): Shut the system down; Restart the system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered. | link | 4
PCI_DSS_v4.0 | 10.7.1 | PCI_DSS_v4.0_10.7.1 | PCI DSS v4.0 10.7.1 | Requirement 10: Log and Monitor All Access to System Components and Cardholder Data | Failures of critical security control systems are detected, reported, and responded to promptly | Shared | n/a | Failures of critical security control systems are detected, alerted, and addressed promptly, including but not limited to failure of the following critical security control systems: • Network security controls • IDS/IPS • FIM • Anti-malware solutions • Physical access controls • Logical access controls • Audit logging mechanisms • Segmentation controls (if used) | link | 5
PCI_DSS_v4.0 | 10.7.2 | PCI_DSS_v4.0_10.7.2 | PCI DSS v4.0 10.7.2 | Requirement 10: Log and Monitor All Access to System Components and Cardholder Data | Failures of critical security control systems are detected, reported, and responded to promptly | Shared | n/a | Failures of critical security control systems are detected, alerted, and addressed promptly, including but not limited to failure of the following critical security control systems: • Network security controls • IDS/IPS • Change-detection mechanisms • Anti-malware solutions • Physical access controls • Logical access controls • Audit logging mechanisms • Segmentation controls (if used) • Audit log review mechanisms • Automated security testing tools (if used) | link | 5
PCI_DSS_v4.0 | 10.7.3 | PCI_DSS_v4.0_10.7.3 | PCI DSS v4.0 10.7.3 | Requirement 10: Log and Monitor All Access to System Components and Cardholder Data | Failures of critical security control systems are detected, reported, and responded to promptly | Shared | n/a | Failures of any critical security controls systems are responded to promptly, including but not limited to: • Restoring security functions. • Identifying and documenting the duration (date and time from start to end) of the security failure. • Identifying and documenting the cause(s) of failure and documenting required remediation. • Identifying and addressing any security issues that arose during the failure. • Determining whether further actions are required as a result of the security failure. • Implementing controls to prevent the cause of failure from reoccurring. • Resuming monitoring of security controls. | link | 4
History
Date/Time (UTC ymd) | Change type | Change detail
2022-09-27 16:35:32 | change | Minor (1.0.0 > 1.1.0)
2022-09-02 16:33:37 | add | ece8bb17-4080-5127-915f-dc7267ee8549
Initiatives
Initiative DisplayName | Initiative Id | Initiative Category | State | Type
CIS Microsoft Azure Foundations Benchmark v1.1.0 | 1a5bb27d-173f-493e-9568-eb56638dde4d | Regulatory Compliance | GA | BuiltIn
CIS Microsoft Azure Foundations Benchmark v1.3.0 | 612b5213-9160-4969-8578-1518bd2a000c | Regulatory Compliance | GA | BuiltIn
CIS Microsoft Azure Foundations Benchmark v1.4.0 | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | Regulatory Compliance | GA | BuiltIn
FedRAMP High | d5264498-16f4-418a-b659-fa7ef418175f | Regulatory Compliance | GA | BuiltIn
FedRAMP Moderate | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | Regulatory Compliance | GA | BuiltIn
HITRUST/HIPAA | a169a624-5599-4385-a696-c8d643089fab | Regulatory Compliance | GA | BuiltIn
NIST SP 800-53 Rev. 4 | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | Regulatory Compliance | GA | BuiltIn
NIST SP 800-53 Rev. 5 | 179d1daa-458f-4e47-8086-2a68d0d6c38f | Regulatory Compliance | GA | BuiltIn
PCI DSS v4 | c676748e-3af9-4e22-bc28-50feed564afb | Regulatory Compliance | GA | BuiltIn