💼 SC-23 Session Authenticity (M)(H)

• ID: /frameworks/fedramp-moderate-security-controls/sc/23

Description

Protect the authenticity of communications sessions.

Similar

• Sections
  • /frameworks/fedramp-high-security-controls/sc/23
• Internal
  • ID: dec-c-ec7c216d

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP High Security Controls → 💼 SC-23 Session Authenticity (M)(H)		7	13		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (13)

Policy	Logic Count	Flags	Compliance
🛡️ AWS API Gateway REST API Stage is not configured to use an SSL certificate for authentication🟢	1	🟢 x6	no data
🛡️ AWS CloudFront Web Distribution Cache Behaviors allow unencrypted traffic🟢	1	🟢 x6	no data
🛡️ AWS CloudFront Web Distribution does not encrypt traffic to Custom Origins🟢	1	🟢 x6	no data
🛡️ AWS CloudFront Web Distribution uses default SSL/TLS certificate🟢	1	🟢 x6	no data
🛡️ AWS CloudFront Web Distribution uses Dedicated IP for SSL🟢	1	🟢 x6	no data
🛡️ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins🟢	1	🟢 x6	no data
🛡️ AWS DMS Endpoint doesn't use SSL🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket Policy is not set to deny HTTP requests🟢	1	🟢 x6	no data
🛡️ Azure App Service FTP deployments are not disabled🟢	1	🟢 x6	no data
🛡️ Azure App Service HTTPS Only configuration is not enabled🟢	1	🟢 x6	no data
🛡️ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled🟢	1	🟢 x6	no data