Suggested Controls
Cousin edited this page Oct 31, 2024 · 8 revisions
(Suggested and Specified by James Younger)
NIST 800-52 Rev5 PDF
- AC-2 CFS Reference
  - Proofs:
- AC-3 CFS Reference
  - Goal: Demonstrate logical access enforcement
  - Proofs:
    - Fabric-CA Query of the users currently Enrolled
    - Verify that CA-certificates for these users are Active
    - See un-enrolled users and revoked CA-certs
- AC-6 CFS Reference
  - Proofs:
    - Roles and privileges mapping confirmation
    - Pull all the roles
    - Pull corresponding privileges
    - Make sure the user-in-roles are not over-endowed with privileges
- AC-17 CFS Reference
  - Proofs:
    - URL is HTTPS
    - SSL is the only allowed protocol
- AU-2 CFS Reference
  - Proofs:
    - CloudTrail, CloudWatch are ON
    - Proof that config has all AWS logging turned ON
- AU-3 CFS Reference
  - Proofs:
    - CloudTrail, CloudWatch Logs Are Collecting:
      - All events
      - Events are mapped to Identity
      - Action timestamp
    - CloudTrail, CloudWatch Logs Are Collecting:
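
One way to produce the AU-3 proofs listed above (events mapped to identity, action timestamp) is to scan a CloudTrail log file and flag every record that lacks either. This is an added example, not part of the original page or the project's code; the function names and the sample records are constructed for illustration, while the field names (`Records`, `eventTime`, `userIdentity`) are the ones CloudTrail log files use.

```python
import json
from datetime import datetime

# Constructed CloudTrail records: real field names, invented values.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-10-31T14:02:11Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateUser",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}},
    {"eventTime": "2024-10-31T14:05:40Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutBucketPolicy",
     "userIdentity": {"type": "AssumedRole", "principalId": "AROAEXAMPLEID:deploy"}},
    {"eventTime": "2024-10-31T14:07:02Z", "eventSource": "kms.amazonaws.com",
     "eventName": "Decrypt",
     "userIdentity": {"type": "AWSService", "invokedBy": "ec2.amazonaws.com"}},
    {"eventTime": "not-a-time", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "userIdentity": {"type": "IAMUser"}},
    {"eventSource": "sts.amazonaws.com", "eventName": "AssumeRole"},
]})

# userIdentity fields that name an actor, most specific first.
IDENTITY_KEYS = ("arn", "principalId", "userName", "accountId", "invokedBy")

def identity_of(record):
    """Return the actor named in the record, or None if nothing identifies one."""
    ident = record.get("userIdentity") or {}
    return next((ident[k] for k in IDENTITY_KEYS if ident.get(k)), None)

def timestamp_of(record):
    """Parse eventTime (UTC, e.g. 2024-10-31T14:02:11Z); None if absent or malformed."""
    try:
        return datetime.strptime(record.get("eventTime") or "", "%Y-%m-%dT%H:%M:%SZ")
    except (TypeError, ValueError):
        return None

def au3_findings(log_text):
    """List (index, eventName, problem) for records that fail the AU-3 proofs."""
    findings = []
    for i, rec in enumerate(json.loads(log_text).get("Records", [])):
        if identity_of(rec) is None:
            findings.append((i, rec.get("eventName"), "no identity"))
        if timestamp_of(rec) is None:
            findings.append((i, rec.get("eventName"), "no valid timestamp"))
    return findings

if __name__ == "__main__":
    for finding in au3_findings(SAMPLE_LOG):
        print(finding)
```

An empty findings list over a representative set of log files is the evidence for the identity and timestamp proofs; any finding points at the exact record to investigate.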