💼 SC-7(10) Boundary Protection | Prevent Exfiltration

• ID: /frameworks/nist-sp-800-53-r5/sc/07/10

Stats

not available

Description

(a) Prevent the exfiltration of information; and (b) Conduct exfiltration tests [Assignment: organization-defined frequency].

Similar

• Sections
  • /frameworks/aws-fsbp-v1.0.0/api-gateway/05
  • /frameworks/aws-fsbp-v1.0.0/cloudtrail/02
  • /frameworks/aws-fsbp-v1.0.0/documentdb/01
  • /frameworks/aws-fsbp-v1.0.0/dynamodb/03
  • /frameworks/aws-fsbp-v1.0.0/ec2/03
  • /frameworks/aws-fsbp-v1.0.0/ec2/07
  • /frameworks/aws-fsbp-v1.0.0/efs/01
  • /frameworks/aws-fsbp-v1.0.0/elasticache/04
  • /frameworks/aws-fsbp-v1.0.0/es/01
  • /frameworks/aws-fsbp-v1.0.0/kinesis/01
  • /frameworks/aws-fsbp-v1.0.0/neptune/01
  • /frameworks/aws-fsbp-v1.0.0/neptune/06
  • /frameworks/aws-fsbp-v1.0.0/rds/03
  • /frameworks/aws-fsbp-v1.0.0/rds/04
  • /frameworks/aws-fsbp-v1.0.0/rds/09
  • /frameworks/aws-fsbp-v1.0.0/rds/27
  • /frameworks/aws-fsbp-v1.0.0/rds/40
  • /frameworks/aws-fsbp-v1.0.0/rds/42
  • /frameworks/aws-fsbp-v1.0.0/redshift/03
  • /frameworks/aws-fsbp-v1.0.0/sqs/01
  • /frameworks/aws-fsbp-v1.0.0/waf/12
• Internal
  • ID: dec-c-9200617a

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [APIGateway.5] API Gateway REST API cache data should be encrypted at rest					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudTrail.2] CloudTrail should have encryption at-rest enabled			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DocumentDB.1] Amazon DocumentDB clusters should be encrypted at rest			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.3] DynamoDB Accelerator (DAX) clusters should be encrypted at rest		1	1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.3] Attached Amazon EBS volumes should be encrypted at-rest			3		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.7] EBS default encryption should be enabled		1	1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EFS.1] Elastic File System should be configured to encrypt file data at-rest using AWS KMS		1	2		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.4] ElastiCache replication groups should be encrypted at rest			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.1] Elasticsearch domains should have encryption at-rest enabled			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Kinesis.1] Kinesis streams should be encrypted at rest			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Neptune.1] Neptune DB clusters should be encrypted at rest			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Neptune.6] Neptune DB cluster snapshots should be encrypted at rest			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.3] RDS DB instances should have encryption at-rest enabled		1	1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.4] RDS cluster snapshots and database snapshots should be encrypted at rest			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.9] RDS DB instances should publish logs to CloudWatch Logs			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.27] RDS DB clusters should be encrypted at rest			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.40] RDS for SQL Server DB instances should publish logs to CloudWatch Logs			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.42] RDS for MariaDB DB instances should publish logs to CloudWatch Logs			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.3] Amazon Redshift clusters should have automatic snapshots enabled			1		no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SQS.1] Amazon SQS queues should be encrypted at rest					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [WAF.12] AWS WAF rules should have CloudWatch metrics enabled					no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP High Security Controls → 💼 SC-7(10) Prevent Exfiltration (H)			18		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (18)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account EBS Volume Encryption Attribute is not enabled in all regions🟢	1	🟢 x6	no data
🛡️ AWS CloudTrail is not encrypted with KMS CMK🟢	1	🟢 x6	no data
🛡️ AWS DAX Cluster Server-Side Encryption is not enabled🟢	1	🟢 x6	no data
🛡️ AWS EBS Attached Volume is not encrypted🟢	1	🟢 x6	no data
🛡️ AWS EBS Attached Volume is not encrypted with KMS CMK🟢	1	🟢 x6	no data
🛡️ AWS EBS Snapshot is not encrypted🟢	1	🟢 x6	no data
🛡️ AWS EFS File System encryption is not enabled🟢	1	🟢 x6	no data
🛡️ AWS EFS File System is not encrypted with KMS CMK🟢	1	🟢 x6	no data
🛡️ AWS ElastiCache Replication Group is not encrypted at rest🟢	1	🟢 x6	no data
🛡️ AWS Kinesis Stream is not encrypted at rest🟢	1	🟢 x6	no data
🛡️ AWS OpenSearch Domain is not encrypted at rest🟢	1	🟢 x6	no data
🛡️ AWS RDS Cluster Encryption is not enabled🟢	1	🟢 x6	no data
🛡️ AWS RDS Instance database logging is not enabled🟢	1	🟢 x6	no data
🛡️ AWS RDS Instance Encryption is not enabled🟢	1	🟢 x6	no data
🛡️ AWS RDS Snapshot is not encrypted🟢	1	🟢 x6	no data
🛡️ AWS Redshift Cluster Automated Snapshot Retention Period is not set🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket is not encrypted with a KMS key🟢	1	🟢 x6	no data
🛡️ AWS SNS Topic is not encrypted with a KMS key🟢	1	🟢 x6	no data