πΌ CM-7(1) Periodic Review (M)(H)
- Contextual name: πΌ CM-7(1) Periodic Review (M)(H)
- ID:
/frameworks/fedramp-high-security-controls/cm/07/01 - Located in: πΌ CM-7 Least Functionality (L)(M)(H)
Descriptionβ
(a) Review the system [FedRAMP Assignment: at least annually] to identify unnecessary and/or nonsecure functions, ports, protocols, software, and services; and
(b) Disable or remove [Assignment: organization-defined functions, ports, protocols, software, and services within the system deemed to be unnecessary and/or nonsecure].
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/cm/07/01
- Internal
- ID:
dec-c-3a09261c
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ CM-7(1) Least Functionality _ Periodic Review |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Moderate Security Controls β πΌ CM-7(1) Periodic Review (M)(H) | 11 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (11)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted DNS traffic π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted FTP traffic π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted ICMP traffic π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted NetBIOS traffic π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted RPC traffic π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted SMTP traffic π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted traffic to MSSQL π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted traffic to MySQL π’ | 1 | π’ x6 |
| π AWS EC2 Security Group allows unrestricted traffic to PostgreSQL π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-3e379c67 | 1 | |
| βοΈ dec-x-6eab9b88 | 1 | |
| βοΈ dec-x-11c3009f | 1 | |
| βοΈ dec-x-42a09084 | 1 | |
| βοΈ dec-x-293ab45b | 1 | |
| βοΈ dec-x-66358b45 | 1 | |
| βοΈ dec-x-bcae85fb | 2 | |
| βοΈ dec-x-ca1c0c0d | 1 | |
| βοΈ dec-x-f12d78aa | 1 | |
| βοΈ dec-z-dbeeed9f | 1 | |
| βοΈ dec-z-f778950c | 1 |