Navigate

CCI-002372

CCI-002372 Definition

The organization correlates the output from vulnerability scanning tools to determine the presence of multi-vulnerability/multi-hop attack vectors.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents and implements a process to correlate the output from vulnerability scanning tools to determine the presence of multi-vulnerability/multi-hop attack vectors.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process to ensure the organization being inspected/assessed correlates the output from vulnerability scanning tools to determine the presence of multi-vulnerability/ multi-hop attack vectors.

Compelling Evidence

1.) Standard operating procedure (SOP). 2.) Reference to standard operating procedure (SOP) section for analyzing the vulnerability scans procedure.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002372.

Control	Description
RA-5 (10)	The organization correlates the output from vulnerability scanning tools to determine the presence of multi-vulnerability/multi-hop attack vectors.