💼 SC-7(21) Isolation of System Components (H)

• Contextual name: 💼 SC-7(21) Isolation of System Components (H)
• ID: /frameworks/fedramp-high-security-controls/sc/07/21
• Located in: 💼 SC-7 Boundary Protection (L)(M)(H)

Description

Employ boundary protection mechanisms to isolate [Assignment: organization-defined system components] supporting [Assignment: organization-defined missions and/or business functions].

Similar

• Sections
  • /frameworks/nist-sp-800-53-r5/sc/07/21
• Internal
  • ID: dec-c-ce5a4a92

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(21) Boundary Protection _ Isolation of System Components			16

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (16)

Policy	Logic Count	Flags
📝 AWS EC2 Default Security Group does not restrict all traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted CIFS traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted FTP traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted RPC traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted SMTP traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to MSSQL 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to MySQL 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to PostgreSQL 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted Telnet traffic 🟢	1	🟢 x6
📝 AWS RDS Instance is publicly accessible and in an unrestricted public subnet 🟢	1	🟢 x6
📝 AWS RDS Instance uses default endpoint port 🟢	1	🟢 x6
📝 AWS RDS Snapshot is publicly accessible 🟢	1	🟢 x6
📝 AWS S3 Bucket is not configured to block public access 🟢	1	🟢 x6
📝 AWS VPC Network ACL exposes admin ports to public internet ports 🟢	1	🟢 x6