Skip to main content

💼 CC7.1-2 Monitors Infrastructure and Software

Contextual name: 💼 CC7.1-2 Monitors Infrastructure and Software
ID: /frameworks/soc-2/cc7/01/02
Located in: 💼 CC7.1 To meet its objectives, the entity uses detection and monitoring procedures to identify (1) changes to configurations that result in the introduction of new vulnerabilities, and (2) susceptibilities to newly discovered vulnerabilities.

Description

The entity monitors infrastructure and software for noncompliance with the standards, which could threaten the achievement of the entity's objectives.

Similar

Internal
- ID: dec-c-76a3e9d0

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (11)

Policy	Logic Count	Flags
📝 AWS CloudTrail Log File Validation is not enabled 🟢	1	🟢 x6
📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢		🟢 x3
📝 Azure PostgreSQL Flexible Server log_checkpoints Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Flexible Server log_retention_days Parameter is less than 4 days 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server log_connections Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server log_disconnections Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure SQL Server Auditing is not enabled 🟢	1	🟢 x6
📝 Azure SQL Server Auditing Retention is less than 90 days 🟢	1	🟢 x6
📝 Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on 🟢	1	🟢 x6
📝 Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value 🟢	1	🟢 x6
📝 Google Cloud SQL Server Instance user options Database Flag is configured 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-0c82d775	1
✉️ dec-x-9b79d91f	1
✉️ dec-x-24bba483	1
✉️ dec-x-36ced3d1	1
✉️ dec-x-89d5ed7a	1
✉️ dec-x-1518c16e	1
✉️ dec-x-b1e1a494	1
✉️ dec-x-b2ce0ca1	1

Description
Similar
Sub Sections
Policies (11)
Internal Rules