💼 CM-6 Configuration Settings
- ID:
/frameworks/nist-sp-800-53-r5/cm/06
Description
a. Establish and document configuration settings for components employed within the system that reflect the most restrictive mode consistent with operational requirements using [Assignment: organization-defined common secure configurations]; b. Implement the configuration settings; c. Identify, document, and approve any deviations from established configuration settings for [Assignment: organization-defined system components] based on [Assignment: organization-defined operational requirements]; and d. Monitor and control changes to the configuration settings in accordance with organizational policies and procedures.
Similar
- Internal
- ID:
dec-c-3ceaf422
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 CM-6 Configuration Settings (L)(M)(H) | 2 | 12 | no data | ||
| 💼 FedRAMP Low Security Controls → 💼 CM-6 Configuration Settings (L)(M)(H) | 11 | no data | |||
| 💼 NIST CSF v2.0 → 💼 DE.CM-09: Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events | 142 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CM-6(1) Configuration Settings _ Automated Management, Application, and Verification | 1 | no data | |||
| 💼 CM-6(2) Configuration Settings _ Respond to Unauthorized Changes | no data | ||||
| 💼 CM-6(3) Configuration Settings _ Unauthorized Change Detection | no data | ||||
| 💼 CM-6(4) Configuration Settings _ Conformance Demonstration | no data |
Policies (11)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google Cloud DNS Managed Zone DNSSEC is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud DNS Managed Zone DNSSEC Key-Signing Algorithm is RSASHA1🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud DNS Managed Zone DNSSEC Zone-Signing Algorithm is RSASHA1🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud MySQL Instance Local_infile Database Flag is not set to off🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance remote access Database Flag is not set to off🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance user options Database Flag is configured🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GCE Instance Enable Connecting to Serial Ports is not disabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Project has a default network🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Project has a legacy network🟢 | 1 | 🟢 x6 | no data |