Twenty Most Important Controls and Metrics for - page 47 / 48

Appendix A: Initial mapping between CAG 097 control set and draft NIST SP 800-53 Rev 1, 2/9/2009

This mapping lists the SP 800-53 Rev 3 controls that satisfy the requirements called out in the CAG 097 control set. Note that, for the most part, where the CAG 097 control set called for a requirement not currently in the draft of SP 800-53 Rev 3, an enhancement was added to the NIST draft to cover that requirement. Also note that the NIST controls may impose additional requirements beyond those explicitly stated in CAG 097.

| CAG 097 Control | Related NIST SP 800-53 Rev 3 Controls |
|---|---|
| Critical Control 1: Inventory of authorized and unauthorized hardware. | CM-1, CM-2, CM-3, CM-4, CM-5, CM-8, CM-9 |
| Critical Control 2: Inventory of authorized and unauthorized software; enforcement of white lists of authorized software. | CM-1, CM-2, CM-3, CM-5, CM-7, CM-8, CM-9, SA-7 |
| Critical Control 3: Secure configurations for hardware and software for which such configurations are available. | CM-6, CM-7, CP-10, IA-5, SC-7 |
| Critical Control 4: Secure configurations of network devices such as firewalls, routers, and switches. | AC-4, CM-6, CM-7, CP-10, IA-5, RA-5, SC-7 (also related to assessment with SP 800-53A) |
| Critical Control 5: Boundary Defense | AC-17, RA-5, SC-7, SI-4 (also related to assessment with SP 800-53A) |
| Critical Control 6: Maintenance, Monitoring and Analysis of Complete Audit Logs | AU-1, AU-2, AU-3, AU-4, AU-6, AU-7, AU-9, AU-11, AU-12, CM-3, CM-5, CM-6, SI-4 (also related to assessment with SP 800-53A) |
| Critical Control 7: Application Software Security | AC-4, CM-4, CM-7, RA-5, SA-3, SA-4, SA-8, SA-11, SI-3 |
| Critical Control 8: Controlled Use of Administrative Privileges | AC-6, AC-17, AT-2, AU-2 |
| Critical Control 9: Controlled Access Based On Need to Know | AC-1, AC-2, AC-3, AC-6, AC-13 (also related to assessment with SP 800-53A) |
| Critical Control 10: Continuous Vulnerability Testing and Remediation | CA-2, CA-6, CA-7, RA-5, SI-2 |
| Critical Control 11: Dormant Account Monitoring and Control | AC-2, PS-4, PS-5 |
