💼 DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed

• Contextual name: 💼 DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed
• ID: /frameworks/nist-csf-v1.1/de-cm/07
• Located in: 💼 Security Continuous Monitoring (DE.CM)

Description

Empty...

Similar

• Sections
  • /frameworks/iso-iec-27001-2013/12/04/01
  • /frameworks/iso-iec-27001-2013/14/02/07
  • /frameworks/iso-iec-27001-2013/15/02/01
  • /frameworks/nist-sp-800-53-r4/au/12
  • /frameworks/nist-sp-800-53-r4/ca/07
  • /frameworks/nist-sp-800-53-r4/cm/03
  • /frameworks/nist-sp-800-53-r4/cm/08
  • /frameworks/nist-sp-800-53-r4/pe/03
  • /frameworks/nist-sp-800-53-r4/pe/06
  • /frameworks/nist-sp-800-53-r4/pe/20
  • /frameworks/nist-sp-800-53-r4/si/04
• Internal
  • ID: dec-c-381c8ec8

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 ISO/IEC 27001:2013 → 💼 A.12.4.1 Event logging		15	18
💼 ISO/IEC 27001:2013 → 💼 A.14.2.7 Outsourced development
💼 ISO/IEC 27001:2013 → 💼 A.15.2.1 Monitoring and review of supplier services
💼 NIST SP 800-53 Revision 4 → 💼 AU-12 AUDIT GENERATION	3
💼 NIST SP 800-53 Revision 4 → 💼 CA-7 CONTINUOUS MONITORING	3
💼 NIST SP 800-53 Revision 4 → 💼 CM-3 CONFIGURATION CHANGE CONTROL	6	1	1
💼 NIST SP 800-53 Revision 4 → 💼 CM-8 INFORMATION SYSTEM COMPONENT INVENTORY	9	1	2
💼 NIST SP 800-53 Revision 4 → 💼 PE-3 PHYSICAL ACCESS CONTROL	6
💼 NIST SP 800-53 Revision 4 → 💼 PE-6 MONITORING PHYSICAL ACCESS	4
💼 NIST SP 800-53 Revision 4 → 💼 PE-20 ASSET MONITORING AND TRACKING
💼 NIST SP 800-53 Revision 4 → 💼 SI-4 INFORMATION SYSTEM MONITORING	24

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v2.0 → 💼 DE.CM-01: Networks and network services are monitored to find potentially adverse events			118
💼 NIST CSF v2.0 → 💼 DE.CM-03: Personnel activity and technology usage are monitored to find potentially adverse events			81
💼 NIST CSF v2.0 → 💼 DE.CM-06: External service provider activities and services are monitored to find potentially adverse events			31
💼 NIST CSF v2.0 → 💼 DE.CM-09: Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events			137

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (23)

Policy	Logic Count	Flags
📝 AWS CloudTrail Log File Validation is not enabled 🟢	1	🟢 x6
📝 AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟢	1	🟢 x6
📝 AWS S3 Bucket Server Access Logging is not enabled 🟢	1	🟢 x6
📝 AWS VPC Flow Logs are not enabled 🟢	1	🟠 x1, 🟢 x5
📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢		🟢 x3
📝 Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Flexible Server log_checkpoints Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Flexible Server log_retention_days Parameter is less than 4 days 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server log_connections Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server log_disconnections Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure SQL Server Auditing is not enabled 🟢	1	🟢 x6
📝 Azure SQL Server Auditing Retention is less than 90 days 🟢	1	🟢 x6
📝 Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests 🟢	1	🟢 x6
📝 Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Security Solution does not exist 🟢	1	🟢 x6
📝 Google Cloud Audit Logging is not configured properly 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-0c82d775	1
✉️ dec-x-9b79d91f	1
✉️ dec-x-9c041667	1
✉️ dec-x-20c9ef83	1
✉️ dec-x-24bba483	1
✉️ dec-x-36ced3d1	1
✉️ dec-x-89d5ed7a	1
✉️ dec-x-611eaa35	1
✉️ dec-x-850beea8	1
✉️ dec-x-1518c16e	1
✉️ dec-x-79579ed7	1
✉️ dec-x-9002886f	1
✉️ dec-x-b1e1a494	1
✉️ dec-x-b2ce0ca1	1
✉️ dec-x-c397d3ca	2
✉️ dec-x-db1b7a1b	1
✉️ dec-x-dc359e59	1
✉️ dec-x-e0014333	2