compliance controls are associated with this Policy definition 'Verify security functions' (ece8bb17-4080-5127-915f-dc7267ee8549)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| CIS_Azure_1.1.0 |
6.5 |
CIS_Azure_1.1.0_6.5 |
CIS Microsoft Azure Foundations Benchmark recommendation 6.5 |
6 Networking |
Ensure that Network Watcher is 'Enabled' |
Shared |
The customer is responsible for implementing this recommendation. |
Enable Network Watcher for Azure subscriptions. |
link |
2 |
| CIS_Azure_1.3.0 |
6.5 |
CIS_Azure_1.3.0_6.5 |
CIS Microsoft Azure Foundations Benchmark recommendation 6.5 |
6 Networking |
Ensure that Network Watcher is 'Enabled' |
Shared |
The customer is responsible for implementing this recommendation. |
Enable Network Watcher for Azure subscriptions. |
link |
2 |
| CIS_Azure_1.4.0 |
6.5 |
CIS_Azure_1.4.0_6.5 |
CIS Microsoft Azure Foundations Benchmark recommendation 6.5 |
6 Networking |
Ensure that Network Watcher is 'Enabled' |
Shared |
The customer is responsible for implementing this recommendation. |
Enable Network Watcher for Azure subscriptions. |
link |
2 |
| CIS_Azure_2.0.0 |
6.6 |
CIS_Azure_2.0.0_6.6 |
CIS Microsoft Azure Foundations Benchmark recommendation 6.6 |
6 |
Ensure that Network Watcher is 'Enabled' |
Shared |
There are additional costs per transaction to run and store network data. For high-volume networks these charges will add up quickly. |
Enable Network Watcher for Azure subscriptions.
Network diagnostic and visualization tools available with Network Watcher help users understand, diagnose, and gain insights to the network in Azure. |
link |
2 |
| FedRAMP_High_R4 |
SI-6 |
FedRAMP_High_R4_SI-6 |
FedRAMP High SI-6 |
System And Information Integrity |
Security Function Verification |
Shared |
n/a |
The information system:
a. Verifies the correct operation of [Assignment: organization-defined security functions];
b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]];
c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and
d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered.
Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6.
References: None. |
link |
4 |
| FedRAMP_Moderate_R4 |
SI-6 |
FedRAMP_Moderate_R4_SI-6 |
FedRAMP Moderate SI-6 |
System And Information Integrity |
Security Function Verification |
Shared |
n/a |
The information system:
a. Verifies the correct operation of [Assignment: organization-defined security functions];
b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]];
c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and
d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered.
Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6.
References: None. |
link |
4 |
| hipaa |
0204.09j2Organizational.1-09.j |
hipaa-0204.09j2Organizational.1-09.j |
0204.09j2Organizational.1-09.j |
02 Endpoint Protection |
0204.09j2Organizational.1-09.j 09.04 Protection Against Malicious and Mobile Code |
Shared |
n/a |
Scans for malicious software are performed on boot and every 12 hours. |
|
11 |
| NIST_SP_800-53_R4 |
SI-6 |
NIST_SP_800-53_R4_SI-6 |
NIST SP 800-53 Rev. 4 SI-6 |
System And Information Integrity |
Security Function Verification |
Shared |
n/a |
The information system:
a. Verifies the correct operation of [Assignment: organization-defined security functions];
b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]];
c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and
d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered.
Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6.
References: None. |
link |
4 |
| NIST_SP_800-53_R5 |
SI-6 |
NIST_SP_800-53_R5_SI-6 |
NIST SP 800-53 Rev. 5 SI-6 |
System and Information Integrity |
Security and Privacy Function Verification |
Shared |
n/a |
a. Verify the correct operation of [Assignment: organization-defined security and privacy functions];
b. Perform the verification of the functions specified in SI-6a [Selection (OneOrMore): [Assignment: organization-defined system transitional states] ;upon command by user with appropriate privilege; [Assignment: organization-defined frequency] ] ;
c. Alert [Assignment: organization-defined personnel or roles] to failed security and privacy verification tests; and
d. [Selection (OneOrMore): Shut the system down;Restart the system; [Assignment: organization-defined alternative action(s)] ] when anomalies are discovered. |
link |
4 |
| PCI_DSS_v4.0 |
10.7.1 |
PCI_DSS_v4.0_10.7.1 |
PCI DSS v4.0 10.7.1 |
Requirement 10: Log and Monitor All Access to System Components and Cardholder Data |
Failures of critical security control systems are detected, reported, and responded to promptly |
Shared |
n/a |
Failures of critical security control systems are detected, alerted, and addressed promptly, including but not limited to failure of the following critical security control systems:
• Network security controls
• IDS/IPS
• FIM
• Anti-malware solutions
• Physical access controls
• Logical access controls
• Audit logging mechanisms
• Segmentation controls (if used) |
link |
5 |
| PCI_DSS_v4.0 |
10.7.2 |
PCI_DSS_v4.0_10.7.2 |
PCI DSS v4.0 10.7.2 |
Requirement 10: Log and Monitor All Access to System Components and Cardholder Data |
Failures of critical security control systems are detected, reported, and responded to promptly |
Shared |
n/a |
Failures of critical security control systems are detected, alerted, and addressed promptly, including but not limited to failure of the following critical security control systems:
• Network security controls
• IDS/IPS
• Change-detection mechanisms
• Anti-malware solutions
• Physical access controls
• Logical access controls
• Audit logging mechanisms
• Segmentation controls (if used)
• Audit log review mechanisms
• Automated security testing tools (if used) |
link |
5 |
| PCI_DSS_v4.0 |
10.7.3 |
PCI_DSS_v4.0_10.7.3 |
PCI DSS v4.0 10.7.3 |
Requirement 10: Log and Monitor All Access to System Components and Cardholder Data |
Failures of critical security control systems are detected, reported, and responded to promptly |
Shared |
n/a |
Failures of any critical security controls systems are responded to promptly, including but not limited to:
• Restoring security functions.
• Identifying and documenting the duration (date and time from start to end) of the security failure.
• Identifying and documenting the cause(s) of failure and documenting required remediation.
• Identifying and addressing any security issues that arose during the failure.
• Determining whether further actions are required as a result of the security failure.
• Implementing controls to prevent the cause of failure from reoccurring.
• Resuming monitoring of security controls. |
link |
4 |