CCI-002657

The organization employs automated tools to integrate intrusion detection tools into access control mechanisms for rapid response to attacks by enabling reconfiguration of these mechanisms in support of attack isolation and elimination.

Implementation Guidance

The organization being inspected/assessed documents and implements automated tools to integrate intrusion detection tools into access control mechanisms for rapid response to attacks by enabling reconfiguration of these mechanisms in support of attack isolation and elimination.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines documentation of the use of the identified automated tools to ensure the organization being inspected/assessed employs automated tools to integrate intrusion detection tools into access control mechanisms for rapid response to attacks by enabling reconfiguration of these mechanisms in support of attack isolation and elimination. The organization being inspected/assessed may be required to demonstrate use of their automated tools.

Compelling Evidence

1.) Signed and dated system security plan with reference to system security plan section pertaining to the use of the identified automated tools to ensure the site employs automated tools to integrate intrusion detection tools into access control mechanisms for rapid response to attacks by enabling reconfiguration of these mechanisms in support of attack isolation and elimination. 2.) Logs and implementation documentation of the documented automated tools.

The controls below (if any) were marked by NIST as being related to CCI-002657.