Joint Task Force Transformation Initiative



Page 32/48
Date: 09.05.2018
Size: 6.15 Mb.


TABLE D-19: SYSTEM AND INFORMATION INTEGRITY CONTROLS - SUMMARY

| CNTL NO. | Control Name / Control Enhancement Name | Withdrawn | Assurance | Control Baseline: Low | Control Baseline: Mod | Control Baseline: High |
|---|---|---|---|---|---|---|
| SI-1 | System and Information Integrity Policy and Procedures | | x | x | x | x |
| SI-2 | Flaw Remediation | | | x | x | x |
| SI-2(1) | flaw remediation \| central management | | | | | x |
| SI-2(2) | flaw remediation \| automated flaw remediation status | | | | x | x |
| SI-2(3) | flaw remediation \| time to remediate flaws / benchmarks for corrective actions | | | | | |
| SI-2(4) | flaw remediation \| automated patch management tools | x (Incorporated into SI-2.) | | | | |
| SI-2(5) | flaw remediation \| automatic software / firmware updates | | | | | |
| SI-2(6) | flaw remediation \| removal of previous versions of software / firmware | | | | | |
| SI-3 | Malicious Code Protection | | | x | x | x |
| SI-3(1) | malicious code protection \| central management | | | | x | x |
| SI-3(2) | malicious code protection \| automatic updates | | | | x | x |
| SI-3(3) | malicious code protection \| non-privileged users | x (Incorporated into AC-6(10).) | | | | |
| SI-3(4) | malicious code protection \| updates only by privileged users | | | | | |
| SI-3(5) | malicious code protection \| portable storage devices | x (Incorporated into MP-7.) | | | | |
| SI-3(6) | malicious code protection \| testing / verification | | | | | |
| SI-3(7) | malicious code protection \| nonsignature-based detection | | | | | |
| SI-3(8) | malicious code protection \| detect unauthorized commands | | | | | |
| SI-3(9) | malicious code protection \| authenticate remote commands | | | | | |
| SI-3(10) | malicious code protection \| malicious code analysis | | | | | |
| SI-4 | Information System Monitoring | | x | x | x | x |
| SI-4(1) | information system monitoring \| system-wide intrusion detection system | | x | | | |
| SI-4(2) | information system monitoring \| automated tools for real-time analysis | | x | | x | x |
| SI-4(3) | information system monitoring \| automated tool integration | | x | | | |
| SI-4(4) | information system monitoring \| inbound and outbound communications traffic | | x | | x | x |
| SI-4(5) | information system monitoring \| system-generated alerts | | x | | x | x |
| SI-4(6) | information system monitoring \| restrict non-privileged users | x (Incorporated into AC-6(10).) | | | | |
| SI-4(7) | information system monitoring \| automated response to suspicious events | | x | | | |
| SI-4(8) | information system monitoring \| protection of monitoring information | x (Incorporated into SI-4.) | | | | |
| SI-4(9) | information system monitoring \| testing of monitoring tools | | x | | | |
| SI-4(10) | information system monitoring \| visibility of encrypted communications | | x | | | |
| SI-4(11) | information system monitoring \| analyze communications traffic anomalies | | x | | | |
| SI-4(12) | information system monitoring \| automated alerts | | x | | | |
| SI-4(13) | information system monitoring \| analyze traffic / event patterns | | x | | | |
| SI-4(14) | information system monitoring \| wireless intrusion detection | | x | | | |
| SI-4(15) | information system monitoring \| wireless to wireline communications | | x | | | |
| SI-4(16) | information system monitoring \| correlate monitoring information | | x | | | |
| SI-4(17) | information system monitoring \| integrated situational awareness | | x | | | |
| SI-4(18) | information system monitoring \| analyze traffic / covert exfiltration | | x | | | |
| SI-4(19) | information system monitoring \| individuals posing greater risk | | x | | | |
| SI-4(20) | information system monitoring \| privileged user | | x | | | |
| SI-4(21) | information system monitoring \| probationary periods | | x | | | |
| SI-4(22) | information system monitoring \| unauthorized network services | | x | | | |
| SI-4(23) | information system monitoring \| host-based devices | | x | | | |
| SI-4(24) | information system monitoring \| indicators of compromise | | x | | | |
| SI-5 | Security Alerts, Advisories, and Directives | | x | x | x | x |
| SI-5(1) | security alerts, advisories, and directives \| automated alerts and advisories | | x | | | x |
| SI-6 | Security Function Verification | | x | | | x |
| SI-6(1) | security function verification \| notification of failed security tests | x (Incorporated into SI-6.) | | | | |
| SI-6(2) | security function verification \| automation support for distributed testing | | | | | |
| SI-6(3) | security function verification \| report verification results | | | | | |
| SI-7 | Software, Firmware, and Information Integrity | | x | | x | x |
| SI-7(1) | software, firmware, and information integrity \| integrity checks | | x | | x | x |
| SI-7(2) | software, firmware, and information integrity \| automated notifications of integrity violations | | x | | | x |
| SI-7(3) | software, firmware, and information integrity \| centrally managed integrity tools | | x | | | |
| SI-7(4) | software, firmware, and information integrity \| tamper-evident packaging | x (Incorporated into SA-12.) | | | | |
| SI-7(5) | software, firmware, and information integrity \| automated response to integrity violations | | x | | | x |
| SI-7(6) | software, firmware, and information integrity \| cryptographic protection | | x | | | |
| SI-7(7) | software, firmware, and information integrity \| integration of detection and response | | x | | x | x |
| SI-7(8) | software, firmware, and information integrity \| auditing capability for significant events | | x | | | |
| SI-7(9) | software, firmware, and information integrity \| verify boot process | | x | | | |
| SI-7(10) | software, firmware, and information integrity \| protection of boot firmware | | x | | | |
| SI-7(11) | software, firmware, and information integrity \| confined environments with limited privileges | | x | | | |
| SI-7(12) | software, firmware, and information integrity \| integrity verification | | x | | | |
| SI-7(13) | software, firmware, and information integrity \| code execution in protected environments | | x | | | |
| SI-7(14) | software, firmware, and information integrity \| binary or machine executable code | | x | | | x |
| SI-7(15) | software, firmware, and information integrity \| code authentication | | x | | | |
| SI-7(16) | software, firmware, and information integrity \| time limit on process execution without supervision | | x | | | |
| SI-8 | Spam Protection | | | | x | x |
| SI-8(1) | spam protection \| central management | | | | x | x |
| SI-8(2) | spam protection \| automatic updates | | | | x | x |
| SI-8(3) | spam protection \| continuous learning capability | | | | | |
| SI-9 | Information Input Restrictions | x (Incorporated into AC-2, AC-3, AC-5, AC-6.) | | | | |
| SI-10 | Information Input Validation | | x | | x | x |
| SI-10(1) | information input validation \| manual override capability | | x | | | |
| SI-10(2) | information input validation \| review / resolution of errors | | x | | | |
| SI-10(3) | information input validation \| predictable behavior | | x | | | |
| SI-10(4) | information input validation \| review / timing interactions | | x | | | |
| SI-10(5) | information input validation \| review / restrict inputs to trusted sources and approved formats | | x | | | |
| SI-11 | Error Handling | | | | x | x |
| SI-12 | Information Handling and Retention | | | x | x | x |
| SI-13 | Predictable Failure Prevention | | x | | | |
| SI-13(1) | predictable failure prevention \| transferring component responsibilities | | x | | | |
| SI-13(2) | predictable failure prevention \| time limit on process execution without supervision | x (Incorporated into SI-7(16).) | | | | |
| SI-13(3) | predictable failure prevention \| manual transfer between components | | x | | | |
| SI-13(4) | predictable failure prevention \| standby component installation / notification | | x | | | |
| SI-13(5) | predictable failure prevention \| failover capability | | x | | | |
| SI-14 | Non-Persistence | | x | | | |
| SI-14(1) | non-persistence \| refresh from trusted sources | | x | | | |
| SI-15 | Information Output Filtering | | x | | | |
| SI-16 | Memory Protection | | x | | x | x |
| SI-17 | Fail-Safe Procedures | | x | | | |