💼 DE.CM-02: The physical environment is monitored to find potentially adverse events
- Contextual name: 💼 DE.CM-02: The physical environment is monitored to find potentially adverse events
- ID: /frameworks/nist-csf-v2.0/de-cm/02
- Located in: 💼 Continuous Monitoring (DE.CM)
Description
- Monitor logs from physical access control systems (e.g., badge readers) to find unusual access patterns (e.g., deviations from the norm) and failed access attempts
- Review and monitor physical access records (e.g., from visitor registration, sign-in sheets)
- Monitor physical access controls (e.g., locks, latches, hinge pins, alarms) for signs of tampering
- Monitor the physical environment using alarm systems, cameras, and security guards
Similar
- Sections
  - /frameworks/nist-csf-v1.1/de-cm/02
  - /frameworks/nist-sp-800-53-r5/ca/07
  - /frameworks/nist-sp-800-53-r5/pe/03
  - /frameworks/nist-sp-800-53-r5/pe/06
  - /frameworks/nist-sp-800-53-r5/pe/20
Similar Sections (Take Policies From)
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
💼 NIST CSF v1.1 → 💼 DE.CM-2: The physical environment is monitored to detect potential cybersecurity events | | | | |
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring | 6 | 8 | | |
💼 NIST SP 800-53 Revision 5 → 💼 PE-3 Physical Access Control | 8 | | | |
💼 NIST SP 800-53 Revision 5 → 💼 PE-6 Monitoring Physical Access | 4 | | | |
💼 NIST SP 800-53 Revision 5 → 💼 PE-20 Asset Monitoring and Tracking | | | | |
Sub Sections
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
Policies (8)
Policy | Logic Count | Flags |
---|---|---|
📝 AWS Account Multi-Region CloudTrail is not enabled 🟢 | 1 | 🟢 x6 |
📝 AWS API Gateway API Access Logging in CloudWatch is not enabled 🟢 | 1 | 🟠 x1, 🟢 x5 |
📝 AWS API Gateway API Execution Logging in CloudWatch is not enabled 🟢 | 1 | 🟢 x6 |
📝 AWS API Gateway REST API Stage X-Ray Tracing is not enabled 🟢 | 1 | 🟢 x6 |
📝 AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢 | 1 | 🟢 x6 |
📝 AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check 🟢 | 1 | 🟢 x6 |
📝 AWS S3 Bucket Server Access Logging is not enabled 🟢 | 1 | 🟢 x6 |
📝 AWS VPC Flow Logs are not enabled 🟢 | 1 | 🟠 x1, 🟢 x5 |