💼 CM-7(1) Periodic Review (M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/cm/07/01
Description
(a) Review the system [FedRAMP Assignment: at least annually] to identify unnecessary and/or nonsecure functions, ports, protocols, software, and services; and
(b) Disable or remove [Assignment: organization-defined functions, ports, protocols, software, and services within the system deemed to be unnecessary and/or nonsecure].
Similar
- Sections
/frameworks/fedramp-high-security-controls/cm/07/01
- Internal
- ID:
dec-c-3a09261c
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 CM-7(1) Periodic Review (M)(H) | 12 | 12 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (12)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted DNS traffic🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted FTP traffic🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted ICMP traffic🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted NetBIOS traffic🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted RPC traffic🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted SMTP traffic🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted traffic to MSSQL🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted traffic to MySQL🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Security Group allows unrestricted traffic to PostgreSQL🟢 | 1 | 🟢 x6 | no data |