Skip to main content

💼 SC-5(2) Denial-of-service Protection | Capacity, Bandwidth, and Redundancy

  • ID: /frameworks/nist-sp-800-53-r5/sc/05/02

Description

Manage capacity, bandwidth, or other redundancy to limit the effects of information flooding denial-of-service attacks.

Similar

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/auto-scaling/02
    • /frameworks/aws-fsbp-v1.0.0/auto-scaling/06
    • /frameworks/aws-fsbp-v1.0.0/cloudfront/04
    • /frameworks/aws-fsbp-v1.0.0/documentdb/05
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/01
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/02
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/06
    • /frameworks/aws-fsbp-v1.0.0/ec2/20
    • /frameworks/aws-fsbp-v1.0.0/efs/02
    • /frameworks/aws-fsbp-v1.0.0/elasticache/01
    • /frameworks/aws-fsbp-v1.0.0/elasticache/03
    • /frameworks/aws-fsbp-v1.0.0/elb/06
    • /frameworks/aws-fsbp-v1.0.0/elb/09
    • /frameworks/aws-fsbp-v1.0.0/elb/10
    • /frameworks/aws-fsbp-v1.0.0/elb/13
    • /frameworks/aws-fsbp-v1.0.0/es/06
    • /frameworks/aws-fsbp-v1.0.0/es/07
    • /frameworks/aws-fsbp-v1.0.0/lambda/05
    • /frameworks/aws-fsbp-v1.0.0/neptune/04
    • /frameworks/aws-fsbp-v1.0.0/network-firewall/09
    • /frameworks/aws-fsbp-v1.0.0/network-firewall/10
    • /frameworks/aws-fsbp-v1.0.0/opensearch/06
    • /frameworks/aws-fsbp-v1.0.0/rds/05
    • /frameworks/aws-fsbp-v1.0.0/rds/07
    • /frameworks/aws-fsbp-v1.0.0/rds/08
    • /frameworks/aws-fsbp-v1.0.0/rds/11
    • /frameworks/aws-fsbp-v1.0.0/rds/15
    • /frameworks/aws-fsbp-v1.0.0/redshift/03
    • /frameworks/aws-fsbp-v1.0.0/redshift/06
    • /frameworks/aws-fsbp-v1.0.0/s3/13
  • Internal
    • ID: dec-c-ba8359e3

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [AutoScaling.2] Amazon EC2 Auto Scaling group should cover multiple Availability Zones1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [AutoScaling.6] Auto Scaling groups should use multiple instance types in multiple Availability Zonesno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudFront.4] CloudFront distributions should have origin failover configuredno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DocumentDB.5] Amazon DocumentDB clusters should have deletion protection enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.1] DynamoDB tables should automatically scale capacity with demand11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.2] DynamoDB tables should have point-in-time recovery enabled11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.6] DynamoDB tables should have deletion protection enabledno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.20] Both VPN tunnels for an AWS Site-to-Site VPN connection should be up1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EFS.2] Amazon EFS volumes should be in backup plansno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.1] ElastiCache (Redis OSS) clusters should have automatic backups enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.3] ElastiCache replication groups should have automatic failover enabledno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.6] Application, Gateway, and Network Load Balancers should have deletion protection enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.9] Classic Load Balancers should have cross-zone load balancing enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.10] Classic Load Balancer should span multiple Availability Zones1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.13] Application, Network and Gateway Load Balancers should span multiple Availability Zones1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.6] Elasticsearch domains should have at least three data nodes1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.7] Elasticsearch domains should be configured with at least three dedicated master nodes1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Lambda.5] VPC Lambda functions should operate in multiple Availability Zones1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Neptune.4] Neptune DB clusters should have deletion protection enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [NetworkFirewall.9] Network Firewall firewalls should have deletion protection enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [NetworkFirewall.10] Network Firewall firewalls should have subnet change protection enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.6] OpenSearch domains should have at least three data nodes1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.5] RDS DB instances should be configured with multiple Availability Zones11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.7] RDS clusters should have deletion protection enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.8] RDS DB instances should have deletion protection enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.11] RDS instances should have automatic backups enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.15] RDS DB clusters should be configured for multiple Availability Zones1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.3] Amazon Redshift clusters should have automatic snapshots enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.6] Amazon Redshift should have automatic upgrades to major versions enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.13] S3 general purpose buckets should have Lifecycle configurations11no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (24)

PolicyLogic CountFlagsCompliance
🛡️ AWS DynamoDB Provisioned Table Auto Scaling is not configured🟢1🟢 x6no data
🛡️ AWS DynamoDB Table does not have on-demand backups in the past 90 days🟢1🟢 x6no data
🛡️ AWS DynamoDB Table Point In Time Recovery is not enabled🟢1🟢 x6no data
🛡️ AWS EC2 Auto Scaling Group does not span multiple Availability Zones🟢1🟢 x6no data
🛡️ AWS ElastiCache Redis Cluster automatic backups are not enabled🟢1🟢 x6no data
🛡️ AWS ELB Load Balancer Cross-Zone Load Balancing is not enabled🟢1🟢 x6no data
🛡️ AWS ELB Load Balancer Deletion Protection is disabled🟢1🟢 x6no data
🛡️ AWS ELB Load Balancer is not registered to multiple Availability Zones🟢1🟢 x6no data
🛡️ AWS Lambda Function is not in multiple Availability Zones🟢1🟢 x6no data
🛡️ AWS MQ ActiveMQ Broker uses the single instance deployment mode🟢1🟢 x6no data
🛡️ AWS Network Firewall Delete Protection is not enabled🟢1🟢 x6no data
🛡️ AWS Network Firewall Subnet Change Protection is not enabled🟢1🟢 x6no data
🛡️ AWS OpenSearch Domain Dedicated Master Count is fewer than three🟢1🟢 x6no data
🛡️ AWS OpenSearch Domain Instance Count is fewer than three🟢1🟢 x6no data
🛡️ AWS RDS Aurora Cluster Multi-AZ Deployment is not enabled🟢1🟢 x6no data
🛡️ AWS RDS Cluster Deletion Protection is not enabled🟢1🟢 x6no data
🛡️ AWS RDS Instance automated backups are not enabled🟢1🟢 x6no data
🛡️ AWS RDS Instance Deletion Protection is not enabled🟢1🟢 x6no data
🛡️ AWS RDS Instance Multi-AZ Deployment is not enabled🟢1🟢 x6no data
🛡️ AWS Redshift Cluster automatic major version upgrade is not enabled🟢1🟢 x6no data
🛡️ AWS Redshift Cluster Automated Snapshot Retention Period is not set🟢1🟢 x6no data
🛡️ AWS S3 Bucket Lifecycle Configuration is not enabled🟢1🟢 x6no data
🛡️ AWS S3 Bucket Versioning is not enabled🟢1🟢 x6no data
🛡️ AWS VPC VPN Connection does not have both Tunnels up🟢1🟢 x6no data