control_freak | Controls | SI-04(22) - Unauthorized Network Services

(a) Detect network services that have not been authorized or approved by si-04.22_odp.01 ; and

(b) si-04.22_odp.02 when detected.

Parameter ID	Definition
si-04.22_odp.01	authorization or approval processes
si-04.22_odp.02	Selection (one-or-more): audit alert {{ insert: param si-04.22_odp.03 }}
si-04.22_odp.03	personnel or roles

Parameter ID

Definition

si-04.22_odp.01

authorization or approval processes

si-04.22_odp.02

Selection (one-or-more):

audit
alert {{ insert: param
si-04.22_odp.03 }}

si-04.22_odp.03

personnel or roles

Baselines

Guidance

Unauthorized or unapproved network services include services in service-oriented architectures that lack organizational verification or validation and may therefore be unreliable or serve as malicious rogues for valid services.

Related controls 1

CM-07 Least Functionality L M H P

SI-04(22) Unauthorized Network Services

Baselines

Guidance

Related controls 1