💼 AC-4(15) Information Flow Enforcement | Detection of Unsanctioned Information
- ID:
/frameworks/nist-sp-800-53-r5/ac/04/15
Description
When transferring information between different security domains, examine the information for the presence of [Assignment: organization-defined unsanctioned information] and prohibit the transfer of such information in accordance with the [Assignment: organization-defined security or privacy policy].
Similar
- Internal
- ID:
dec-c-b676d721
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (10)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS API Gateway API Route Authorization Type is not configured🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS API Gateway REST API Stage is not configured to use an SSL certificate for authentication🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS DMS Replication Instance is publicly accessible🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Auto Scaling Group behind ELB assigns public IP to instances🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance is publicly accessible and in an unrestricted public subnet🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS S3 Bucket is not configured to block public access🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS S3 Bucket Policy is not set to deny HTTP requests🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure App Service Authentication is disabled and Basic Authentication is enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure App Service Basic Authentication is enabled🟢⚪ | 🟢 x2, ⚪ x1 | no data | |
| 🛡️ Azure Subscription Network Watcher is not enabled in every available region🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-5fa71eac | 1 | |
| ✉️ dec-x-629108da | 1 | |
| ✉️ dec-x-84342650 | 1 | |
| ✉️ dec-x-ca52f63a | 2 | |
| ✉️ dec-x-d5fbfc40 | 1 | |
| ✉️ dec-x-d9d39f21 | 1 | |
| ✉️ dec-x-e02b5fdd | 1 | |
| ✉️ dec-x-ec547a7c | 1 | |
| ✉️ dec-x-f937c35f | 1 |