Skip to main content

💼 AC-4(2) Information Flow Enforcement | Processing Domains

  • ID: /frameworks/nist-sp-800-53-r5/ac/04/02

Description

Use protected processing domains to enforce [Assignment: organization-defined information flow control policies] as a basis for flow control decisions.

Similar

  • Internal
    • ID: dec-c-768c8212

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (32)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account EBS Volume Encryption Attribute is not enabled in all regions🟢1🟢 x6no data
🛡️ AWS ACM Certificate with Wildcard Domain Name🟢1🟢 x6no data
🛡️ AWS API Gateway API Route Authorization Type is not configured🟢1🟢 x6no data
🛡️ AWS API Gateway REST API Stage is not configured to use an SSL certificate for authentication🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution Cache Behaviors allow unencrypted traffic🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution does not encrypt traffic to Custom Origins🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins🟢1🟢 x6no data
🛡️ AWS DAX Cluster Server-Side Encryption is not enabled🟢1🟢 x6no data
🛡️ AWS DMS Endpoint doesn't use SSL🟢1🟢 x6no data
🛡️ AWS EFS File System encryption is not enabled🟢1🟢 x6no data
🛡️ AWS RDS Instance Encryption is not enabled🟢1🟢 x6no data
🛡️ AWS S3 Bucket Policy is not set to deny HTTP requests🟢1🟢 x6no data
🛡️ Azure App Service Authentication is disabled and Basic Authentication is enabled🟢1🟢 x6no data
🛡️ Azure App Service Basic Authentication is enabled🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure App Service FTP deployments are not disabled🟢1🟢 x6no data
🛡️ Azure App Service HTTPS Only configuration is not enabled🟢1🟢 x6no data
🛡️ Azure App Service Minimum TLS Version is not set to TLS 1.2 or higher🟢1🟢 x6no data
🛡️ Azure Diagnostic Setting Logs export to Storage Account not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure MySQL Flexible Server TLS Version is not set to TLS 1.2🟢1🟢 x6no data
🛡️ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled🟢1🟢 x6no data
🛡️ Azure PostgreSQL Single Server Infrastructure Double Encryption is not enabled🟢1🟢 x6no data
🛡️ Azure SQL Server Transparent Data Encryption Protector is not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Azure Storage Account Minimum TLS Version is not set to TLS 1.2 or higher🟢1🟢 x6no data
🛡️ Azure Storage Account Require Infrastructure Encryption is not enabled🟢1🟢 x6no data
🛡️ Azure Storage Account Secure Transfer Required is not enabled🟢1🟢 x6no data
🛡️ Azure Storage Account With Critical Data is not encrypted with customer managed key🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Subscription Network Watcher is not enabled in every available region🟢1🟢 x6no data
🛡️ Azure Unattached Managed Disk is not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Azure Virtual Machine is not utilizing Managed Disks🟢1🟢 x6no data
🛡️ Azure Virtual Machine OS and Data disks are not encrypted with Customer-managed key🟢1🟢 x6no data

Internal Rules

RulePoliciesFlags
✉️ dec-x-0bdcd2761
✉️ dec-x-2ace19521
✉️ dec-x-5c3c20671
✉️ dec-x-5fa71eac1
✉️ dec-x-6ba5ecd21
✉️ dec-x-6ed261671
✉️ dec-x-9cdb74071
✉️ dec-x-14f5fc251
✉️ dec-x-75db76ad1
✉️ dec-x-230b5e351
✉️ dec-x-588af79c1
✉️ dec-x-791dab131
✉️ dec-x-966d31831
✉️ dec-x-3181f3591
✉️ dec-x-4002ecfe1
✉️ dec-x-629108da1
✉️ dec-x-995424b72
✉️ dec-x-a4e033891
✉️ dec-x-aeac09d61
✉️ dec-x-aef11ebd1
✉️ dec-x-b94bd3681
✉️ dec-x-c0a7793e1
✉️ dec-x-c2bf987a1
✉️ dec-x-ca52f63a2
✉️ dec-x-d5fbfc401
✉️ dec-x-d9d39f211
✉️ dec-x-d25f7dfa1
✉️ dec-x-d95ea48b1
✉️ dec-x-e9e997041
✉️ dec-x-f63fd4f01