Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization implements [Assignment: organization-defined host-based monitoring mechanisms] at [Assignment: organization-defined information system components].
NIST 800-53 (r4) Supplemental Guidance:
Information system components where host-based monitoring can be implemented include, for example, servers, workstations, and mobile devices. Organizations consider employing host-based monitoring mechanisms from multiple information technology product developers.
NIST 800-53 (r5) Discussion:
Host-based monitoring collects information about the host (or system in which it resides). System components in which host-based monitoring can be implemented include servers, notebook computers, and mobile devices. Organizations may consider employing host-based monitoring mechanisms from multiple product developers or vendors.
38North Guidance:
Meets Minimum Requirement:
Configure and deploy host-based monitoring (e.g., OSSEC) to monitor all components within the boundary for host-based monitoring and ensure there is adequate review of the audit records to track any discrepancies in POA&Ms to closure.
Best Practice: None
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Configurations of host-based monitoring solution(s) (e.g., OSSEC)
CSP Implementation Tips: None
Page updated
Report abuse