Skip to main content

💼 AC-4(15) Information Flow Enforcement | Detection of Unsanctioned Information

  • Contextual name: 💼 AC-4(15) Information Flow Enforcement | Detection of Unsanctioned Information
  • ID: /frameworks/nist-sp-800-53-r5/ac/04/15
  • Located in: 💼 AC-4 Information Flow Enforcement

Description

When transferring information between different security domains, examine the information for the presence of [Assignment: organization-defined unsanctioned information] and prohibit the transfer of such information in accordance with the [Assignment: organization-defined security or privacy policy].

Similar

  • Internal
    • ID: dec-c-b676d721

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags

Policies (10)

PolicyLogic CountFlags
📝 AWS API Gateway API Route Authorization Type is not configured 🟢1🟢 x6
📝 AWS API Gateway REST API Stage is not configured to use an SSL certificate for authentication 🟢1🟢 x6
📝 AWS DMS Replication Instance is publicly accessible 🟢1🟢 x6
📝 AWS EC2 Auto Scaling Group behind ELB assigns public IP to instances 🟢1🟢 x6
📝 AWS RDS Instance is publicly accessible and in an unrestricted public subnet 🟢1🟢 x6
📝 AWS S3 Bucket is not configured to block public access 🟢1🟢 x6
📝 AWS S3 Bucket Policy is not set to deny HTTP requests 🟢1🟢 x6
📝 Azure App Service Authentication is disabled and Basic Authentication is enabled 🟢1🟢 x6
📝 Azure App Service Basic Authentication is enabled 🟢🟢 x3
📝 Azure Subscription Network Watcher is not enabled in every available region 🟢1🟢 x6

Internal Rules

RulePoliciesFlags
✉️ dec-x-5fa71eac1
✉️ dec-x-629108da1
✉️ dec-x-843426501
✉️ dec-x-ca52f63a2
✉️ dec-x-d5fbfc401
✉️ dec-x-d9d39f211
✉️ dec-x-e02b5fdd1
✉️ dec-x-ec547a7c1
✉️ dec-x-f937c35f1