πΌ AC-4(15) Information Flow Enforcement | Detection of Unsanctioned Information
- Contextual name: πΌ AC-4(15) Information Flow Enforcement | Detection of Unsanctioned Information
- ID:
/frameworks/nist-sp-800-53-r5/ac/04/15 - Located in: πΌ AC-4 Information Flow Enforcement
Descriptionβ
When transferring information between different security domains, examine the information for the presence of [Assignment: organization-defined unsanctioned information] and prohibit the transfer of such information in accordance with the [Assignment: organization-defined security or privacy policy].
Similarβ
- Internal
- ID:
dec-c-b676d721
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (10)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS API Gateway API Route Authorization Type is not configured π’ | 1 | π’ x6 |
| π AWS API Gateway REST API Stage is not configured to use an SSL certificate for authentication π’ | 1 | π’ x6 |
| π AWS DMS Replication Instance is publicly accessible π’ | 1 | π’ x6 |
| π AWS EC2 Auto Scaling Group behind ELB assigns public IP to instances π’ | 1 | π’ x6 |
| π AWS RDS Instance is publicly accessible and in an unrestricted public subnet π’ | 1 | π’ x6 |
| π AWS S3 Bucket is not configured to block public access π’ | 1 | π’ x6 |
| π AWS S3 Bucket Policy is not set to deny HTTP requests π’ | 1 | π’ x6 |
| π Azure App Service Authentication is disabled and Basic Authentication is enabled π’ | 1 | π’ x6 |
| π Azure App Service Basic Authentication is enabled π’ | π’ x3 | |
| π Azure Subscription Network Watcher is not enabled in every available region π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-5fa71eac | 1 | |
| βοΈ dec-x-629108da | 1 | |
| βοΈ dec-x-84342650 | 1 | |
| βοΈ dec-x-ca52f63a | 2 | |
| βοΈ dec-x-d5fbfc40 | 1 | |
| βοΈ dec-x-d9d39f21 | 1 | |
| βοΈ dec-x-e02b5fdd | 1 | |
| βοΈ dec-x-ec547a7c | 1 | |
| βοΈ dec-x-f937c35f | 1 |