2.2 KiB
| implementation-status | control-origination | |||||
|---|---|---|---|---|---|---|
|
|
si-4.4 - [catalog] Inbound and Outbound Communications Traffic
Control Statement
-
[a] Determine criteria for unusual or unauthorized activities or conditions for inbound and outbound communications traffic;
-
[b] Monitor inbound and outbound communications traffic organization-defined frequency for organization-defined unusual or unauthorized activities or conditions.
Control guidance
Unusual or unauthorized activities or conditions related to system inbound and outbound communications traffic includes internal traffic that indicates the presence of malicious code or unauthorized use of legitimate code or credentials within organizational systems or propagating among system components, signaling to external systems, and the unauthorized exporting of information. Evidence of malicious code or unauthorized use of legitimate code or credentials is used to identify potentially compromised systems or system components.
Control assessment-objective
criteria for unusual or unauthorized activities or conditions for inbound communications traffic are defined; criteria for unusual or unauthorized activities or conditions for outbound communications traffic are defined; inbound communications traffic is monitored frequency for unusual or unauthorized activities or conditions; outbound communications traffic is monitored frequency for unusual or unauthorized activities or conditions.
What is the solution and how is it implemented?
Implementation (a)
Add control implementation description here for item si-4.4_smt.a
Implementation (b)
Add control implementation description here for item si-4.4_smt.b