Navigate

SI-4(18)

SI-4(18): Analyze Traffic and Covert Exfiltration

Analyze outbound communications traffic at external interfaces to the system and at the following interior points to detect covert exfiltration of information: [interior points within the system where communications traffic is to be analyzed are defined;].

Supplemental

Organization-defined interior points include subnetworks and subsystems. Covert means that can be used to exfiltrate information include steganography.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
DAF Baseline, NC3

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to SI-4(18).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SI-4(18).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SI-4(18).

CCI	Definition
CCI-002670	Defines the interior points within the system where outbound communications will be analyzed to detect covert exfiltration of information.
CCI-002671	Analyze outbound communications traffic at the external interfaces of the system to detect covert exfiltration of information.
CCI-002672	Analyze outbound communications traffic at organization-defined interior points within the system to detect covert exfiltration of information.