Skip to main content

πŸ’Ό AC-4(2) Information Flow Enforcement | Processing Domains

  • Contextual name: πŸ’Ό AC-4(2) Information Flow Enforcement | Processing Domains
  • ID: /frameworks/nist-sp-800-53-r5/ac/04/02
  • Located in: πŸ’Ό AC-4 Information Flow Enforcement

Description​

Use protected processing domains to enforce [Assignment: organization-defined information flow control policies] as a basis for flow control decisions.

Similar​

  • Internal
    • ID: dec-c-768c8212

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (27)​

PolicyLogic CountFlags
πŸ“ AWS Account EBS Volume Encryption Attribute is not enabled in all regions 🟒1🟒 x6
πŸ“ AWS ACM Certificate with Wildcard Domain Name 🟒1🟒 x6
πŸ“ AWS API Gateway API Route Authorization Type is not configured 🟒1🟒 x6
πŸ“ AWS API Gateway REST API Stage is not configured to use an SSL certificate for authentication 🟒1🟒 x6
πŸ“ AWS EFS File System encryption is not enabled 🟒1🟒 x6
πŸ“ AWS RDS Instance Encryption is not enabled 🟒1🟒 x6
πŸ“ AWS S3 Bucket Policy is not set to deny HTTP requests 🟒1🟒 x6
πŸ“ Azure App Service Authentication is disabled and Basic Authentication is enabled 🟒1🟒 x6
πŸ“ Azure App Service Basic Authentication is enabled 🟒🟒 x3
πŸ“ Azure App Service FTP deployments are not disabled 🟒1🟒 x6
πŸ“ Azure App Service HTTPS Only configuration is not enabled 🟒1🟒 x6
πŸ“ Azure App Service Minimum TLS Version is not set to TLS 1.2 or higher 🟒1🟒 x6
πŸ“ Azure Diagnostic Setting Logs export to Storage Account not encrypted with Customer-managed key 🟒1🟒 x6
πŸ“ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure MySQL Flexible Server TLS Version is not set to TLS 1.2 🟒1🟒 x6
πŸ“ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled 🟒1🟒 x6
πŸ“ Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled 🟒1🟒 x6
πŸ“ Azure SQL Server Transparent Data Encryption Protector is not encrypted with Customer-managed key 🟒1🟒 x6
πŸ“ Azure Storage Account Minimum TLS Version is not set to TLS 1.2 or higher 🟒1🟒 x6
πŸ“ Azure Storage Account Require Infrastructure Encryption is not enabled 🟒1🟒 x6
πŸ“ Azure Storage Account Secure Transfer Required is not enabled 🟒1🟒 x6
πŸ“ Azure Storage Account With Critical Data is not encrypted with customer managed key 🟒🟒 x3
πŸ“ Azure Subscription Network Watcher is not enabled in every available region 🟒1πŸ”΄ x1, 🟒 x5
πŸ“ Azure Virtual Machine is not utilizing Managed Disks 🟒1🟒 x6
πŸ“ Azure Virtual Machine OS and Data disks are not encrypted with Customer-managed key 🟒1🟒 x6
πŸ“ Unattached Azure Managed Disk is not encrypted with Customer-managed key 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-0bdcd2761
βœ‰οΈ dec-x-2ace19521
βœ‰οΈ dec-x-5c3c20671
βœ‰οΈ dec-x-5fa71eac1
βœ‰οΈ dec-x-6ba5ecd21
βœ‰οΈ dec-x-6ed261671
βœ‰οΈ dec-x-9cdb74071
βœ‰οΈ dec-x-14f5fc251
βœ‰οΈ dec-x-75db76ad1
βœ‰οΈ dec-x-230b5e351
βœ‰οΈ dec-x-588af79c1
βœ‰οΈ dec-x-966d31831
βœ‰οΈ dec-x-629108da1
βœ‰οΈ dec-x-995424b72
βœ‰οΈ dec-x-aeac09d61
βœ‰οΈ dec-x-aef11ebd1
βœ‰οΈ dec-x-b94bd3681
βœ‰οΈ dec-x-c0a7793e1
βœ‰οΈ dec-x-c2bf987a1
βœ‰οΈ dec-x-ca52f63a2
βœ‰οΈ dec-x-d5fbfc401
βœ‰οΈ dec-x-d9d39f211
βœ‰οΈ dec-x-d25f7dfa1
βœ‰οΈ dec-x-d95ea48b1
βœ‰οΈ dec-x-f63fd4f01