💼 4.11 Ensure Network Access Control Lists (NACL) changes are monitored - Level 2 (Manual)

Contextual name: 💼 4.11 Ensure Network Access Control Lists (NACL) changes are monitored - Level 2 (Manual)
ID: /frameworks/cis-aws-v2.0.0/04/11
Located in: 💼 4 Monitoring

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs, or an external Security information and event management (SIEM) environment, and establishing corresponding metric filters and alarms. NACLs are used as a stateless packet filter to control ingress and egress traffic for subnets within a VPC. It is recommended that a metric filter and alarm be established for changes made to NACLs.

Similar

Sections
- /frameworks/cis-aws-v3.0.0/04/11
- /frameworks/cis-aws-v1.5.0/04/11
Internal
- ID: dec-c-8d77eaf1

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.5.0 → 💼 4.11 Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL) - Level 2 (Automated)			1
💼 CIS AWS v3.0.0 → 💼 4.11 Ensure Network Access Control Lists (NACL) changes are monitored - Level 2 (Manual)			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.5.0 → 💼 4.11 Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL) - Level 2 (Automated)			1
💼 CIS AWS v3.0.0 → 💼 4.11 Ensure Network Access Control Lists (NACL) changes are monitored - Level 2 (Manual)			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS CloudTrail Network Access Control Lists Changes Monitoring is not enabled 🟢		🟢 x3

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​