CCI-001097

Monitor and control communications at the external managed interfaces to the system and at key managed interfaces within the system.

Implementation Guidance

Determine if: - communications at external managed interfaces to the system are monitored. - communications at external managed interfaces to the system are controlled. - communications at key internal managed interfaces within the system are monitored. - communications at key internal managed interfaces within the system are controlled.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing boundary protection; list of key internal boundaries of the system; system design documentation; boundary protection hardware and software; system configuration settings and associated documentation; enterprise security architecture documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer; organizational personnel with boundary protection responsibilities]. Test: [SELECT FROM: Mechanisms implementing boundary protection capabilities].

The controls below (if any) were marked by NIST as being related to CCI-001097.