An error occurred:

CCIs

Number Definition Status Related
CCI-001261 The organization employs automated tools to integrate intrusion detection tools into access control and flow control mechanisms for rapid response to attacks by enabling reconfiguration of these mechanisms in support of attack isolation and elimination. Draft
CCI-001262 The information system monitors inbound and outbound communications for unusual or unauthorized activities or conditions. Draft
CCI-001263 The information system provides near real-time alerts when any of the organization-defined list of compromise or potential compromise indicators occurs. Draft
CCI-001264 Defines the indicators of compromise or potential compromise which will result in system alerts being provided to organization-defined personnel or roles. Draft SI-4(5)
CCI-001265 The information system prevents non-privileged users from circumventing intrusion detection and prevention capabilities. Draft
CCI-001266 Notify an organization-defined incident response personnel (identified by name and/or by role) of detected suspicious events. Draft SI-4(7)
CCI-001267 Defines incident response personnel (identified by name and/or by role) to be notified of detected suspicious events. Draft SI-4(7)
CCI-001268 Defines the least-disruptive actions to be taken by system to terminate suspicious events. Draft SI-4(7)
CCI-001269 The organization protects information obtained from intrusion monitoring tools from unauthorized access, modification, and deletion. Draft
CCI-001270 Test intrusion monitoring tools at an organization-defined frequency. Draft SI-4(9)
CCI-001271 Defines the frequency for testing intrusion monitoring tools. Draft SI-4(9)
CCI-001272 The organization makes provisions so encrypted traffic is visible to information system monitoring tools. Draft
CCI-001273 Analyze outbound communications traffic at the external interfaces to the system to discover anomalies. Draft SI-4(11)
CCI-001274 Alert organization-defined personnel or roles using organization-defined automated mechanisms when inappropriate or unusual activities with security or privacy implications. Draft SI-4(12)
CCI-001275 Defines the activities which will trigger alerts to security personnel of inappropriate or unusual activities. Draft SI-4(12)
CCI-001276 Analyze communications traffic and event patterns for the system. Draft SI-4(13)
CCI-001277 Develop profiles representing common traffic and event patterns. Draft SI-4(13)
CCI-001278 The organization uses the traffic/event profiles in tuning system monitoring devices to reduce the number of false positives to an organization-defined measure of false positives and the number of false negatives to an organization-defined measure of false negatives. Draft
CCI-001279 The organization defines the respective measurements to which the organization must tune system monitoring devices to reduce the number of false positives. Draft
CCI-001280 The organization defines the respective measurements to which the organization must tune system monitoring devices to reduce the number of false negatives. Draft
CCI-001281 The organization employs a wireless intrusion detection system. Draft
CCI-001282 Employ an intrusion detection system to monitor wireless communications traffic as the traffic passes from wireless to wireline networks. Draft SI-4(15)
CCI-001283 Correlate information from monitoring tools employed throughout the system. Draft SI-4(16)
CCI-001284 Correlate information from monitoring physical, cyber, and supply chain activities to achieve integrated, organization-wide situational awareness. Draft SI-4(17)
CCI-001285 Receive system security alerts, advisories, and directives from organization-defined external organizations on an ongoing basis. Draft SI-5
CCI-001286 Generate internal security alerts, advisories, and directives as deemed necessary. Draft SI-5
CCI-001287 Disseminate security alerts, advisories, and directives to organization-defined personnel or roles, organization-defined elements within the organization, and/or organization-defined external organizations. Draft SI-5
CCI-001288 Defines the personnel or roles to whom the organization will disseminate security alerts, advisories, and directives. Draft SI-5
CCI-001289 Implement security directives in accordance with established time frames, or notify the issuing organization of the degree of noncompliance. Draft SI-5
CCI-001290 Broadcast security alert and advisory information throughout the organization using organization-defined automated mechanisms. Draft SI-5(1)