Navigate

CCI-001277

CCI-001277 Definition

The organization develops profiles representing common traffic patterns and/or events.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed develops and documents profiles representing common traffic patterns and/or events.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented profiles to ensure the organization being inspected/assessed develops profiles representing common traffic patterns and/or events.

Compelling Evidence

1.) Signed and dated system security plan reference to section that pertains to profiles representing common traffic patterns and/or events.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001277.

Control	Description
SI-4 (13)	The organization: SI-4 (13)(a): Analyzes communications traffic/event patterns for the information system; SI-4 (13)(b): Develops profiles representing common traffic patterns and/or events; and SI-4 (13)(c): Uses the traffic/event profiles in tuning system-monitoring devices to reduce the number of false positives and the number of false negatives.