Skip to main content

💼 CC6.1-7 Restricts Access to Information Assets

Contextual name: 💼 CC6.1-7 Restricts Access to Information Assets
ID: /frameworks/soc-2/cc6/01/07
Located in: 💼 CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives.

Description

Combinations of data classification, separate data structures, port restrictions, access protocol restrictions, user identification, and digital certificates are used to establish access control rules for information assets.

Similar

Internal
- ID: dec-c-ea331b08

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (12)

Policy	Logic Count	Flags
📝 AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted DNS traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted FTP traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted ICMP traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted NetBIOS traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted RPC traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted SMTP traffic 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to MSSQL 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to MySQL 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to PostgreSQL 🟢	1	🟢 x6
📝 Azure Storage Account Allow Blob Anonymous Access is set enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-3e379c67	1
✉️ dec-x-6eab9b88	1
✉️ dec-x-11c3009f	1
✉️ dec-x-42a09084	1
✉️ dec-x-293ab45b	1
✉️ dec-x-66358b45	1
✉️ dec-x-083928f5	1
✉️ dec-x-bcae85fb	2
✉️ dec-x-ca1c0c0d	1
✉️ dec-x-f12d78aa	1
✉️ dec-z-dbeeed9f	1
✉️ dec-z-f778950c	1

Description
Similar
Sub Sections
Policies (12)
Internal Rules