💼 PR.PT-4: Communications and control networks are protected

ID: /frameworks/nist-csf-v1.1/pr-pt/04

Description

Empty...

Similar

Sections
- /frameworks/iso-iec-27001-2013/13/01/01
- /frameworks/iso-iec-27001-2013/13/02/01
- /frameworks/iso-iec-27001-2013/14/01/03
- /frameworks/nist-sp-800-53-r4/ac/04
- /frameworks/nist-sp-800-53-r4/ac/17
- /frameworks/nist-sp-800-53-r4/ac/18
- /frameworks/nist-sp-800-53-r4/cp/08
- /frameworks/nist-sp-800-53-r4/sc/07
- /frameworks/nist-sp-800-53-r4/sc/19
- /frameworks/nist-sp-800-53-r4/sc/20
- /frameworks/nist-sp-800-53-r4/sc/21
- /frameworks/nist-sp-800-53-r4/sc/22
- /frameworks/nist-sp-800-53-r4/sc/23
- /frameworks/nist-sp-800-53-r4/sc/24
- /frameworks/nist-sp-800-53-r4/sc/25
- /frameworks/nist-sp-800-53-r4/sc/29
- /frameworks/nist-sp-800-53-r4/sc/32
- /frameworks/nist-sp-800-53-r4/sc/36
- /frameworks/nist-sp-800-53-r4/sc/37
- /frameworks/nist-sp-800-53-r4/sc/38
- /frameworks/nist-sp-800-53-r4/sc/39
- /frameworks/nist-sp-800-53-r4/sc/40
- /frameworks/nist-sp-800-53-r4/sc/41
- /frameworks/nist-sp-800-53-r4/sc/43
Internal
- ID: dec-c-724d2447

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Compliance
💼 ISO/IEC 27001:2013 → 💼 A.13.1.1 Network controls			1	no data
💼 ISO/IEC 27001:2013 → 💼 A.13.2.1 Information transfer policies and procedures				no data
💼 ISO/IEC 27001:2013 → 💼 A.14.1.3 Protecting application services transactions		10	14	no data
💼 NIST SP 800-53 Revision 4 → 💼 AC-4 INFORMATION FLOW ENFORCEMENT	22	1	1	no data
💼 NIST SP 800-53 Revision 4 → 💼 AC-17 REMOTE ACCESS	9			no data
💼 NIST SP 800-53 Revision 4 → 💼 AC-18 WIRELESS ACCESS	5			no data
💼 NIST SP 800-53 Revision 4 → 💼 CP-8 TELECOMMUNICATIONS SERVICES	5			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-7 BOUNDARY PROTECTION	23	5	10	no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-19 VOICE OVER INTERNET PROTOCOL				no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-20 SECURE NAME _ ADDRESS RESOLUTION SERVICE (AUTHORITATIVE SOURCE)	2			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-21 SECURE NAME _ ADDRESS RESOLUTION SERVICE (RECURSIVE OR CACHING RESOLVER)	1			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-22 ARCHITECTURE AND PROVISIONING FOR NAME _ ADDRESS RESOLUTION SERVICE				no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-23 SESSION AUTHENTICITY	4			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-24 FAIL IN KNOWN STATE				no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-25 THIN NODES				no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-29 HETEROGENEITY	1			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-32 INFORMATION SYSTEM PARTITIONING				no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-36 DISTRIBUTED PROCESSING AND STORAGE	1			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-37 OUT-OF-BAND CHANNELS	1			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-38 OPERATIONS SECURITY				no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-39 PROCESS ISOLATION	2			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-40 WIRELESS LINK PROTECTION	4			no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-41 PORT AND I_O DEVICE ACCESS				no data
💼 NIST SP 800-53 Revision 4 → 💼 SC-43 USAGE RESTRICTIONS				no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v2.0 → 💼 PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk			22		no data
💼 NIST CSF v2.0 → 💼 PR.IR-01: Networks and environments are protected from unauthorized logical access and usage			70		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (22)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudFront Web Distribution Cache Behaviors allow unencrypted traffic🟢	1	🟢 x6	no data
🛡️ AWS CloudFront Web Distribution does not encrypt traffic to Custom Origins🟢	1	🟢 x6	no data
🛡️ AWS DMS Endpoint doesn't use SSL🟢	1	🟢 x6	no data
🛡️ AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports🟢	1	🟢 x6	no data
🛡️ AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports🟢	1	🟢 x6	no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MongoDB🟢	1	🟢 x6	no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to Oracle DBMS🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket is not configured to block public access🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket Policy is not set to deny HTTP requests🟢	1	🟢 x6	no data
🛡️ Azure App Service FTP deployments are not disabled🟢	1	🟢 x6	no data
🛡️ Azure App Service HTTPS Only configuration is not enabled🟢	1	🟢 x6	no data
🛡️ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Storage Account Secure Transfer Required is not enabled🟢	1	🟢 x6	no data
🛡️ Google BigQuery Dataset is anonymously or publicly accessible🟢	1	🟢 x6	no data
🛡️ Google Cloud SQL Instance External Authorized Networks whitelists all public IP addresses🟢	1	🟢 x6	no data
🛡️ Google GCE Instance has a public IP address🟢	1	🟢 x6	no data
🛡️ Google GCE Network has Firewall Rules which allow unrestricted SSH access from the Internet🟢	1	🟢 x6	no data
🛡️ Google HTTPS or SSL Proxy Load Balancer permits SSL policies with weak cipher suites🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Google Storage Bucket is anonymously or publicly accessible🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-6ed26167	1
✉️ dec-x-14f5fc25	1
✉️ dec-x-75db76ad	1
✉️ dec-x-791dab13	1
✉️ dec-x-3181f359	1
✉️ dec-x-995424b7	2
✉️ dec-x-a4e03389	1
✉️ dec-x-c0a7793e	1
✉️ dec-x-d5fbfc40	1
✉️ dec-x-d95ea48b	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (22)​

Internal Rules​

Description

Similar

Similar Sections (Take Policies From)

Similar Sections (Give Policies To)

Sub Sections

Policies (22)

Internal Rules