SI-04.22: Unauthorized Network Services

SI-04.22 · Unauthorized Network Services

Control Description

Detect network services that have not been authorized or approved by {{ insert: param, si-04.22_odp.01 }} ; and {{ insert: param, si-04.22_odp.02 }} when detected.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

system

Assurance

Enhancement

Control Statement

The control requirements

(a) Detect network services that have not been authorized or approved by {{ insert: param, si-04.22_odp.01 }} ; and

(b) {{ insert: param, si-04.22_odp.02 }} when detected.

Supplemental Guidance

Unauthorized or unapproved network services include services in service-oriented architectures that lack organizational verification or validation and may therefore be unreliable or serve as malicious rogues for valid services.

Related NIST Controls

Other NIST 800-53 controls related to this one

CM-07