System Security Plan (SSP) Categorization: Moderate-Low-Low


AC-4 – Information Flow Enforcement




10.2.4 AC-4 – Information Flow Enforcement


Recommended Continuous Monitoring Frequency: Semi-Annual

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The information system enforces approved authorizations for controlling the flow of information within the system and between interconnected systems.

Specific examples of flow control enforcement can be found in boundary protection devices (e.g., proxies, gateways, guards, encrypted tunnels, firewalls, and routers). These devices employ rule sets or establish configuration settings that restrict information system services, provide a packet-filtering capability based on header information, or provide message-filtering capabilities based on content (e.g., using key word searches or document characteristics). Within the environment, information flow control is provided by the infrastructure via the implementation of various boundary protection devices.




Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.5 AC-5 – Separation of Duties (+ Classified Overlay)


Recommended Continuous Monitoring Frequency: Annual


Program Frequency:

Choose an item.
Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)

Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)

Insider threat mitigation requirements mandate that system administrators should not also perform security audit administration functions without specific DAO approval and the implementation of compensatory measures. The Data Transfer Agent (DTA) and the TPI Media Custodian shall not be the same individual. The organization:

Separates at a minimum the duties of individuals as necessary

Click here to enter text.

Documents separation of duties

Click here to enter text.

Defines information system access authorizations to support separation of duties

Click here to enter text.

CONTINUOUS MONITORING STRATEGY

Click here to enter text.


10.2.6 AC-6 – Least Privilege (+ Classified Overlay)



Recommended Continuous Monitoring Frequency: Annually

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The organization employs the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

The organization enforces the most restrictive set of rights/privileges or access needed by users for the performance of specific tasks. The organization also ensures that users who must access Program information or records containing PII only have access to the information necessary to perform their assigned tasks.

For example, system administrators, security administrators, and database administrators perform functions that do not require use of their fully privileged account. They shall, therefore, use a separate general user account and are required to use that account when not performing privileged functions. [AC-6(2)] Individual email accounts should not be used when logged in as a privileged user. Other examples of least privilege include restricting access to audit logs to security auditors, preventing general users from installing software, and/or limiting access to media drives to DTAs that have been formally trained.

In accordance with Insider Threat Mitigation Guidance, ISSM will ensure that the number of privileged users is kept to a minimum and conduct an internal review of all privileged users and their associated permissions quarterly and report to the AO annually or if there has been a change in privileged users. Note: DTAs are considered privileged users with limited, specific elevated privileges.



Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.6.1 AC-6(1) – Least Privilege: Authorize Access to Security Functions


Recommended Continuous Monitoring Frequency: Semi-Annual

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The organization explicitly authorizes access to systems and/or software that provide security relevant functions (e.g., USB ports, I/O ports, CD/DVD drives, etc.). This control supports insider threat mitigation.

All classified information systems must technically enforce restrictions on the ability to write to removable media. By default, all write functionality must be disabled. Whenever access to writable removable media is necessary, the write functionality may be enabled, but this must be logged. After the write functions are completed, the write functionality must again be disabled and logged.

Ensure media access is audited as indicated in AU-2.a. Limiting access to security functions to a limited set of authorized personnel reduces the number of individuals able to perform security functions, such as configuring permissions, setting audit logs, etc. At a minimum, all IS must technically enforce restrictions on the ability to write to removable media; e.g., all CD/DVD write functionality must be disabled by default and enabled only when required for the execution of an approved data transfer.
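The enable/disable logging requirement above is only useful if someone checks the records. The following is an added example (not part of this SSP or any vendor product) that reviews constructed removable-media audit lines: every ENABLE must cite an approved transfer, every ENABLE must be followed by a DISABLE on the same host, and a DISABLE with no preceding ENABLE is suspicious. The log format, the `transfer=` field, the approval register and the one-hour window are all assumptions.

```python
"""Review removable-media write-enable/disable audit records (AC-6(1)).
Assumed, constructed log format:
  <ISO timestamp> <host> media-write <ENABLE|DISABLE> user=<login> [transfer=<id>]
"""
import re
from datetime import datetime, timedelta

LINE = re.compile(r"^(\S+) (\S+) media-write (ENABLE|DISABLE) user=(\S+)(?: transfer=(\S+))?$")
APPROVED_TRANSFERS = {"DT-0417", "DT-0418"}   # constructed approval register (assumption)
MAX_OPEN = timedelta(hours=1)                  # assumed window before an open enable is a finding

def parse(line):
    """Return a dict for a media-write record, or None for unrelated log lines."""
    m = LINE.match(line)
    if not m:
        return None
    ts, host, action, user, transfer = m.groups()
    return {"ts": datetime.fromisoformat(ts), "host": host,
            "action": action, "user": user, "transfer": transfer}

def audit(lines, now_iso):
    """Findings: unapproved enables, enables never disabled, disables without an enable."""
    now = datetime.fromisoformat(now_iso)
    findings, open_enables = [], {}
    for raw in lines:
        ev = parse(raw)
        if ev is None:
            continue
        host = ev["host"]
        if ev["action"] == "ENABLE":
            if ev["transfer"] not in APPROVED_TRANSFERS:
                findings.append(("unapproved-enable", host, ev["user"], ev["transfer"]))
            open_enables[host] = ev                 # write window is open until a DISABLE
        elif host in open_enables:
            del open_enables[host]                  # closed and logged, as the control requires
        else:
            findings.append(("disable-without-enable", host, ev["user"], None))
    for host, ev in open_enables.items():
        if now - ev["ts"] > MAX_OPEN:
            findings.append(("still-enabled", host, ev["user"], ev["transfer"]))
    return findings

SAMPLE = [  # constructed sample log lines, not from any real system
    "2024-03-01T09:00:00 ws01 media-write ENABLE user=dta.smith transfer=DT-0417",
    "2024-03-01T09:12:00 ws01 media-write DISABLE user=dta.smith",
    "2024-03-01T10:00:00 ws02 media-write ENABLE user=jdoe transfer=NONE",
    "2024-03-01T10:30:00 ws03 sshd accepted password for jdoe",
    "2024-03-01T11:00:00 ws03 media-write DISABLE user=jdoe",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, "2024-03-01T12:00:00"):
        print(finding)
```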


Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.6.2 AC-6(2) – Least Privilege: Non-Privileged Access for Non-Security Functions


This MLL baseline control is also required by the Privacy Overlay for IS that process, store or transmit privacy information.

Recommended Continuous Monitoring Frequency: Semi-Annual

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The organization requires that users of information system accounts, or roles, with access to privileged functions use non-privileged accounts, or roles when accessing other system functions, and if feasible, audits any use of privileged accounts or roles for such functions. They shall, therefore, use a separate general user account and are required to use that account when not performing privileged functions. Requiring users with elevated privileges to use separate accounts enables more accurate audit of privileged user actions. Organizations should also establish a separate privileged account specific to DTA activities. This control supports insider threat mitigation.

Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.6.3 AC-6(5) – Least Privilege: Privileged Accounts


Recommended Continuous Monitoring Frequency: Semi-Annual

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The organization limits privileged user accounts to the absolute minimum number of privileged users needed to manage the system. In addition, super-user/root accounts shall be limited to the maximum extent possible. For example, not all privileged users will be granted full super-user/root access.

Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.6.4 AC-6(7) – Least Privilege: Review of User Privileges (+ Classified Overlay) (- Standalone Overlay) – NEW BASELINE


After a relevance determination, this control can be tailored out for standalone IS with a single user.

Recommended Continuous Monitoring Frequency: Annual


Program Frequency:

Choose an item.
Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)

Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)

The Presidential Memo, National Insider Threat Policy and Minimum Standards for Insider Threat Programs, November 21, 2012, and DoDD 5205.16, The DoD Insider Threat Program, 30 Sep 2014, require that organizations develop insider threat programs to include reporting the status of privileged users (e.g., total number, additions, deletions) on a quarterly basis. Programs will report to the Special Programs Office.

The organization:

Reviews at least annually the privileges assigned to privileged user accounts to include the DTA to validate the need for such privileges

Click here to enter text.

Reassigns or removes privileges, if necessary to correctly reflect organizational mission/business needs

Click here to enter text.
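The privileged-user review in AC-6(7), the quarterly status report (total, additions, deletions) in AC-6 and AC-6(7), the root-account limit in AC-6(5), the separate general account in AC-6(2) and the separation-of-duties pairs in AC-5 all work from the same account inventory. The following is an added example (not part of this SSP) that runs those checks over a constructed inventory; the record fields, role names and account names are assumptions.

```python
"""Quarterly privileged-user review over a constructed account inventory (AC-5, AC-6)."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Account:
    name: str          # login name
    person: str        # human owner, used to pair privileged and general accounts
    roles: frozenset   # assumed role labels, e.g. {"sysadmin"}, {"dta"}
    root: bool         # full super-user/root access

PRIVILEGED_ROLES = {"sysadmin", "audit_admin", "dba", "dta", "tpi_custodian"}
# Duties one person must not combine (AC-5); the first pair needs DAO approval plus compensating measures
SOD_CONFLICTS = [({"sysadmin", "audit_admin"}, "requires DAO approval and compensatory measures"),
                 ({"dta", "tpi_custodian"}, "DTA and TPI Media Custodian must be different people")]

def privileged(accounts):
    return {a.name for a in accounts if a.roles & PRIVILEGED_ROLES}

def quarterly_report(previous, current):
    """AC-6(7)/AC-6: total, additions and deletions since the last review; AC-6(5): who holds root."""
    prev, curr = privileged(previous), privileged(current)
    return {"total": len(curr), "added": sorted(curr - prev), "removed": sorted(prev - curr),
            "root": sorted(a.name for a in current if a.root)}

def sod_findings(current):
    """AC-5: conflicting duties, evaluated per person across all of that person's accounts."""
    roles_by_person = {}
    for a in current:
        roles_by_person.setdefault(a.person, set()).update(a.roles)
    return [(person, "+".join(sorted(pair)), why)
            for person, roles in roles_by_person.items()
            for pair, why in SOD_CONFLICTS if pair <= roles]

def missing_general_accounts(current):
    """AC-6(2): each holder of a privileged account needs a separate non-privileged account."""
    holders = {a.person for a in current if a.roles & PRIVILEGED_ROLES}
    with_general = {a.person for a in current if not (a.roles & PRIVILEGED_ROLES)}
    return sorted(holders - with_general)

# Constructed snapshots from two consecutive reviews (not real accounts)
LAST_QUARTER = [Account("adm-alice", "alice", frozenset({"sysadmin"}), True),
                Account("alice", "alice", frozenset({"user"}), False),
                Account("adm-bob", "bob", frozenset({"sysadmin"}), True)]
THIS_QUARTER = [Account("adm-alice", "alice", frozenset({"sysadmin", "audit_admin"}), True),
                Account("alice", "alice", frozenset({"user"}), False),
                Account("dta-carol", "carol", frozenset({"dta", "tpi_custodian"}), False)]

if __name__ == "__main__":
    print(quarterly_report(LAST_QUARTER, THIS_QUARTER))
    print(sod_findings(THIS_QUARTER))
    print(missing_general_accounts(THIS_QUARTER))
```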

CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.6.5 AC-6(8) – Least Privilege: Privilege Levels for Code Execution – NEW BASELINE


Recommended Continuous Monitoring Frequency: Semi-Annual

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The information system prevents all software applications/programs from executing at higher levels than users executing the application/program.

Organizations shall maintain inventory of software in use and mechanism used to enforce and ensure this control.

Example: To maintain system integrity most systems restrict the ability of an application to install other software (including reinstalling itself). Windows users (from Vista on) are familiar with User Account Control (UAC) popup or the need to right click and "Run as Administrator" in order to install an application. Linux users are familiar with a "su" or "sudo" to root privilege to install applications.


Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.6.6 AC-6(9) – Least Privilege: Auditing Use of Privileged Functions – NEW BASELINE


Recommended Continuous Monitoring Frequency: Annually

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The information system audits the execution of privileged functions.

Privileged functions have elevated permissions to access, or grant access to Program information and/or PII. Accountability requires the ability to detect, trace, and audit privileged functions. The information system prevents all applications/programs from executing at higher levels than users executing the application/program. This control supports insider threat mitigation.



Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.

10.2.6.7 AC-6(10) – Least Privilege: Prohibit Non-Privileged Users from Executing Privileged Functions – NEW BASELINE


Recommended Continuous Monitoring Frequency: Semi-Annual

Program Frequency:

Choose an item.

Implementation Status:

 Implemented  Planned

Organizational Tailoring:

 Compensatory Control (Provide justification below)  Tailored In (Provide justification below)

 Tailored Out (Provide justification below)  Modified (Provide justification below)


Control Origination (check all that apply):

 Common  System Specific  Hybrid (Common and System Specific)



The information system prevents non-privileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures. This control supports insider threat mitigation.

Click here to enter text.



CONTINUOUS MONITORING STRATEGY

Click here to enter text.
