
SI-4 System Monitoring

Control Description

a. Monitor the system to detect:
   1. Attacks and indicators of potential attacks in accordance with the following monitoring objectives:
      a. Intrusion detection and prevention
      b. Malicious code protection
      c. Vulnerability scanning
      d. Audit record monitoring
      e. Network monitoring
      f. Firewall monitoring; and
   2. Unauthorized local, network, and remote connections;

b. Identify unauthorized use of the system through the following techniques and methods: event logging (ref. 5.4 Audit and Accountability);

c. Invoke internal monitoring capabilities or deploy monitoring devices:
   1. Strategically within the system to collect organization-determined essential information; and
   2. At ad hoc locations within the system to track specific types of transactions of interest to the organization;

d. Analyze detected events and anomalies;

e. Adjust the level of system monitoring activity when there is a change in risk to organizational operations and assets, individuals, other organizations, or the Nation;

f. Obtain legal opinion regarding system monitoring activities; and

g. Provide intrusion detection and prevention systems, malicious code protection software, scanning tools, audit record monitoring software, network monitoring, and firewall monitoring software logs to organizational personnel with information security responsibilities weekly.

Cross-Framework Mappings
