Benchmark: 3.13 System and Communications Protection
Description
The SC control family is responsible for systems and communications protection procedures. This includes boundary protection, protection of information at rest, collaborative computing devices, cryptographic protection, denial of service protection, and many others.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 3.13 System and Communications Protection.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.nist_800_171_rev_2_3_13Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.nist_800_171_rev_2_3_13 --shareBenchmarks
- 3.13.1 Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems
- 3.13.2 Employ architectural designs, software development techniques, and systems engineering principles that promote effective information security within organizational systems
- 3.13.3 Separate user functionality from system management functionality
- 3.13.4 Prevent unauthorized and unintended information transfer via shared system resources
- 3.13.5 Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks
- 3.13.6 Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception)
- 3.13.8 Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards
- 3.13.10 Establish and manage cryptographic keys for cryptography employed in organizational systems
- 3.13.11 Employ FIPS-validated cryptography when used to protect the confidentiality of CUI
- 3.13.15 Protect the authenticity of communications sessions
- 3.13.16 Protect the confidentiality of CUI at rest