πΌ SC-23 Session Authenticity (M)(H)
- Contextual name: πΌ SC-23 Session Authenticity (M)(H)
- ID:
/frameworks/fedramp-high-security-controls/sc/23 - Located in: πΌ System and Communications Protection
Descriptionβ
Protect the authenticity of communications sessions.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/sc/23
- Internal
- ID:
dec-c-ec7c216d
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-23 Session Authenticity | 5 | 2 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Moderate Security Controls β πΌ SC-23 Session Authenticity (M)(H) | 7 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (7)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS API Gateway REST API Stage is not configured to use an SSL certificate for authentication π’ | 1 | π’ x6 |
| π AWS S3 Bucket Policy is not set to deny HTTP requests π’ | 1 | π’ x6 |
| π Azure App Service FTP deployments are not disabled π’ | 1 | π’ x6 |
| π Azure App Service HTTPS Only configuration is not enabled π’ | 1 | π’ x6 |
| π Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON π’ | 1 | π’ x6 |
| π Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON π’ | 1 | π’ x6 |
| π Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-14f5fc25 | 1 | |
| βοΈ dec-x-75db76ad | 1 | |
| βοΈ dec-x-995424b7 | 2 | |
| βοΈ dec-x-c0a7793e | 1 | |
| βοΈ dec-x-d5fbfc40 | 1 |