Skip to main content

💼 PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)

  • ID: /frameworks/nist-csf-v1.1/pr-ip/01

Description

Empty...

Similar

  • Sections
    • /frameworks/iso-iec-27001-2013/12/01/02
    • /frameworks/iso-iec-27001-2013/12/05/01
    • /frameworks/iso-iec-27001-2013/12/06/02
    • /frameworks/iso-iec-27001-2013/14/02/02
    • /frameworks/iso-iec-27001-2013/14/02/03
    • /frameworks/iso-iec-27001-2013/14/02/04
    • /frameworks/nist-sp-800-53-r4/cm/02
    • /frameworks/nist-sp-800-53-r4/cm/03
    • /frameworks/nist-sp-800-53-r4/cm/04
    • /frameworks/nist-sp-800-53-r4/cm/05
    • /frameworks/nist-sp-800-53-r4/cm/06
    • /frameworks/nist-sp-800-53-r4/cm/07
    • /frameworks/nist-sp-800-53-r4/cm/09
    • /frameworks/nist-sp-800-53-r4/sa/10
  • Internal
    • ID: dec-c-6ef9bea9

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 ISO/IEC 27001:2013 → 💼 A.12.1.2 Change managementno data
💼 ISO/IEC 27001:2013 → 💼 A.12.5.1 Installation of software on operational systems55no data
💼 ISO/IEC 27001:2013 → 💼 A.12.6.2 Restrictions on software installationno data
💼 ISO/IEC 27001:2013 → 💼 A.14.2.2 System change control proceduresno data
💼 ISO/IEC 27001:2013 → 💼 A.14.2.3 Technical review of applications after operating platform changesno data
💼 ISO/IEC 27001:2013 → 💼 A.14.2.4 Restrictions on changes to software packagesno data
💼 NIST SP 800-53 Revision 4 → 💼 CM-2 BASELINE CONFIGURATION711no data
💼 NIST SP 800-53 Revision 4 → 💼 CM-3 CONFIGURATION CHANGE CONTROL611no data
💼 NIST SP 800-53 Revision 4 → 💼 CM-4 SECURITY IMPACT ANALYSIS2no data
💼 NIST SP 800-53 Revision 4 → 💼 CM-5 ACCESS RESTRICTIONS FOR CHANGE7no data
💼 NIST SP 800-53 Revision 4 → 💼 CM-6 CONFIGURATION SETTINGS411no data
💼 NIST SP 800-53 Revision 4 → 💼 CM-7 LEAST FUNCTIONALITY567no data
💼 NIST SP 800-53 Revision 4 → 💼 CM-9 CONFIGURATION MANAGEMENT PLAN1no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-10 DEVELOPER CONFIGURATION MANAGEMENT6no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (26)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account IAM Access Analyzer is not enabled for all regions🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution Cache Behaviors allow unencrypted traffic🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins🟢1🟢 x6no data
🛡️ AWS DMS Replication Instance Auto Minor Version Upgrade is not enabled🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports🟢1🟢 x6no data
🛡️ AWS RDS Instance Auto Minor Version Upgrade is not enabled🟠🟢1🟠 x1, 🟢 x6no data
🛡️ AWS S3 Bucket is not configured to block public access🟢1🟢 x6no data
🛡️ AWS S3 Bucket Policy is not set to deny HTTP requests🟢1🟢 x6no data
🛡️ AWS S3 Bucket Versioning is not enabled🟢1🟢 x6no data
🛡️ Azure App Service does not run the latest Java version🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure App Service does not run the latest PHP version🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure App Service does not run the latest Python version🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Cosmos DB Account Virtual Network Filter is not enabled🟢1🟢 x6no data
🛡️ Azure Network Security Group allows public access to RDP port🟢1🟢 x6no data
🛡️ Azure Network Security Group allows public access to SSH port🟢1🟢 x6no data
🛡️ Google Cloud DNS Managed Zone DNSSEC is not enabled🟢1🟢 x6no data
🛡️ Google Cloud DNS Managed Zone DNSSEC Key-Signing Algorithm is RSASHA1🟢1🟢 x6no data
🛡️ Google Cloud DNS Managed Zone DNSSEC Zone-Signing Algorithm is RSASHA1🟢1🟢 x6no data
🛡️ Google Cloud MySQL Instance Local_infile Database Flag is not set to off🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance external scripts enabled Database Flag is not set to off🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance user options Database Flag is configured🟢1🟢 x6no data
🛡️ Google Project has a default network🟢1🟢 x6no data
🛡️ Google Project has a legacy network🟢1🟢 x6no data

Internal Rules

RulePoliciesFlags
✉️ dec-x-0d66ed991
✉️ dec-x-4c15a09f1
✉️ dec-x-599c86b41
✉️ dec-x-ab7fc52e1