This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system detects network services that have not been authorized or approved by [Assignment: organization-defined authorization or approval processes] and [Selection (one or more): audits; alerts [Assignment: organization-defined personnel or roles]].
NIST 800-53 (r4) Supplemental Guidance:
Unauthorized or unapproved network services include, for example, services in service-oriented architectures that lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services. Related controls: AC-6, CM-7, SA-5, SA-9.
NIST 800-53 (r5) Discussion:
Unauthorized or unapproved network services include services in service-oriented architectures that lack organizational verification or validation and may therefore be unreliable or serve as malicious rogues for valid services.
38North Guidance:
Meets Minimum Requirement:
Employ mechanisms (e.g., firewalls, SIEM, etc.) to detect the presence of unauthorized/unapproved network services. Network traffic that has not been authorized or approved is audited and/or generates an alert for designated personnel.
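The following is an added illustration of the detection mechanism this guidance calls for; it is not part of the 38North guidance or the NIST control text. It compares an inventory of listening services collected from hosts against an organization-defined approved-services baseline, writes an audit record for every approved listener, and raises an alert record for any listener with no approval on file. The host names, ports, process names, approval ticket identifiers, and the whitespace-separated inventory format are all constructed for the example.

```python
"""Detect network services that are not on the approved-services baseline.

Added example (not 38North or NIST material). Every value below is constructed:
the inventory lines, host names, process names and the CHG-xxxx ticket ids are
placeholders for whatever the organization's approval process actually records.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed approval baseline: (host, protocol, port) -> approval record id.
# In practice this would be exported from the change/approval system.
APPROVED_SERVICES: Dict[Tuple[str, str, int], str] = {
    ("web-01", "tcp", 443): "CHG-0001",   # placeholder ticket ids
    ("web-01", "tcp", 22): "CHG-0002",
    ("db-01", "tcp", 5432): "CHG-0003",
    ("db-01", "tcp", 22): "CHG-0002",
}

# Constructed listener inventory, one line per listening socket:
# "<host> <proto> <local_address>:<port> <process>"
OBSERVED_LISTENERS = """\
web-01 tcp 0.0.0.0:443 nginx
web-01 tcp 0.0.0.0:22 sshd
web-01 tcp 0.0.0.0:8080 python3
db-01 tcp 127.0.0.1:5432 postgres
db-01 tcp 0.0.0.0:22 sshd
db-01 tcp 0.0.0.0:4444 unknown
"""


@dataclass(frozen=True)
class Finding:
    host: str
    proto: str
    port: int
    process: str
    exposed: bool      # True if bound to a non-loopback address
    approval: str      # ticket id, or "" when no approval exists


def parse_listeners(text: str) -> List[Tuple[str, str, str, int, str]]:
    """Parse inventory lines into (host, proto, address, port, process) tuples."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        host, proto, local, proc = line.split()
        addr, port = local.rsplit(":", 1)   # rsplit tolerates IPv6 literals
        rows.append((host, proto, addr, int(port), proc))
    return rows


def evaluate(listeners, approved: Dict[Tuple[str, str, int], str]) -> List[Finding]:
    """Match each observed listener against the baseline; "" approval means unapproved."""
    findings = []
    for host, proto, addr, port, proc in listeners:
        ticket = approved.get((host, proto, port), "")
        exposed = not (addr.startswith("127.") or addr == "::1")
        findings.append(Finding(host, proto, port, proc, exposed, ticket))
    return findings


def unapproved(findings: List[Finding]) -> List[Finding]:
    """Listeners that have no approval record: these are the SI-4(22) detections."""
    return [f for f in findings if not f.approval]


def to_siem_records(findings: List[Finding]) -> List[str]:
    """Render key=value lines: 'audit' for approved listeners, 'alert' for unapproved."""
    records = []
    for f in findings:
        kind = "alert" if not f.approval else "audit"
        records.append(
            f"event={kind} control=SI-4(22) host={f.host} proto={f.proto} "
            f"port={f.port} process={f.process} exposed={str(f.exposed).lower()} "
            f"approval={f.approval or 'none'}"
        )
    return records


if __name__ == "__main__":
    results = evaluate(parse_listeners(OBSERVED_LISTENERS), APPROVED_SERVICES)
    for rec in to_siem_records(results):
        print(rec)
```

The audit records give assessors the evidence trail the control asks for, while the alert records are what would be routed to the designated personnel; the `exposed` flag lets triage prioritize listeners bound to external interfaces over loopback-only ones.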
Best Practice: None
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Configurations of solution(s) detecting the presence of unauthorized/unapproved network services.
Penetration test results.
Authenticated vulnerability scan analysis.
CSP Implementation Tips: None