
Check out the CIS Controls Navigator for more insight into CIS Controls and Mappings.

https://www.cisecurity.org/controls/cis-controls-navigator

We have the Excel version of the ConnectSecure CIS Control mapping file for download here:

[Image: CIS Controls v8 overview diagram]

| Control | SubControl | IG | SubControl Description | Coverage |
|---|---|---|---|---|
| 1 | 1 | 1 | Establish and Maintain Detailed Enterprise Asset Inventory | Facilitates |
| 1 | 2 | 1 | Address Unauthorized Assets | Facilitates |
| 1 | 3 | 2 | Utilize an Active Discovery Tool | Partial |
| 1 | 4 | 2 | Use DHCP Logging to Update Asset Inventory | |
| 1 | 5 | 3 | Use a Passive Asset Discovery Tool | |
| 2 | 1 | 1 | Establish and Maintain a Software Inventory | Facilitates |
| 2 | 2 | 1 | Ensure Authorized Software is Currently Supported | Facilitates |
| 2 | 3 | 1 | Address Unauthorized Software | Facilitates |
| 2 | 4 | 2 | Utilize Automated Software Inventory Tools | Partial |
| 2 | 5 | 2 | Allowlist Authorized Software | Facilitates |
| 2 | 6 | 2 | Allowlist Authorized Libraries | |
| 2 | 7 | 3 | Allowlist Authorized Scripts | |
| 3 | 1 | 1 | Establish and Maintain a Data Management Process | |
| 3 | 2 | 1 | Establish and Maintain a Data Inventory | Facilitates |
| 3 | 3 | 1 | Configure Data Access Control Lists | |
| 3 | 4 | 1 | Enforce Data Retention | |
| 3 | 5 | 1 | Securely Dispose of Data | |
| 3 | 6 | 1 | Encrypt Data on End-User Devices | |
| 3 | 7 | 2 | Establish and Maintain a Data Classification Scheme | |
| 3 | 8 | 2 | Document Data Flows | |
| 3 | 9 | 2 | Encrypt Data on Removable Media | |
| 3 | 10 | 2 | Encrypt Sensitive Data In Transit | |
| 3 | 11 | 2 | Encrypt Sensitive Data at Rest | |
| 3 | 12 | 2 | Segment Data Processing and Storage Based on Sensitivity | |
| 3 | 13 | 3 | Deploy a Data Loss Prevention Solution | Facilitates |
| 3 | 14 | 3 | Log Sensitive Data Access | |
| 4 | 1 | 1 | Establish and Maintain a Secure Configuration Process | Facilitates |
| 4 | 2 | 1 | Establish and Maintain a Secure Configuration Process for Network Infrastructure | |
| 4 | 3 | 1 | Configure Automatic Session Locking on Enterprise Assets | Facilitates |
| 4 | 4 | 1 | Implement and Manage a Firewall on Servers | Facilitates |
| 4 | 5 | 1 | Implement and Manage a Firewall on End-User Devices | Facilitates |
| 4 | 6 | 1 | Securely Manage Enterprise Assets and Software | |
| 4 | 7 | 1 | Manage Default Accounts on Enterprise Assets and Software | Facilitates |
| 4 | 8 | 2 | Uninstall or Disable Unnecessary Services on Enterprise Assets and Software | Facilitates |
| 4 | 9 | 2 | Configure Trusted DNS Servers on Enterprise Assets | |
| 4 | 10 | 2 | Enforce Automatic Device Lockout on Portable End-User Devices | Facilitates |
| 4 | 11 | 2 | Enforce Remote Wipe Capability on Portable End-User Devices | |
| 4 | 12 | 3 | Separate Enterprise Workspaces on Mobile End-User Devices | |
| 5 | 1 | 1 | Establish and Maintain an Inventory of Accounts | Facilitates |
| 5 | 2 | 1 | Use Unique Passwords | Facilitates |
| 5 | 3 | 1 | Disable Dormant Accounts | Facilitates |
| 5 | 4 | 1 | Restrict Administrator Privileges to Dedicated Administrator Accounts | |
| 5 | 5 | 2 | Establish and Maintain an Inventory of Service Accounts | Facilitates |
| 5 | 6 | 2 | Centralize Account Management | |
| 6 | 1 | 1 | Establish an Access Granting Process | |
| 6 | 2 | 1 | Establish an Access Revoking Process | |
| 6 | 3 | 1 | Require MFA for Externally-Exposed Applications | |
| 6 | 4 | 1 | Require MFA for Remote Network Access | |
| 6 | 5 | 1 | Require MFA for Administrative Access | |
| 6 | 6 | 2 | Establish and Maintain an Inventory of Authentication and Authorization Systems | |
| 6 | 7 | 2 | Centralize Access Control | |
| 6 | 8 | 3 | Define and Maintain Role-Based Access Control | |
| 7 | 1 | 1 | Establish and Maintain a Vulnerability Management Process | Facilitates |
| 7 | 2 | 1 | Establish and Maintain a Remediation Process | Facilitates |
| 7 | 3 | 1 | Perform Automated Operating System Patch Management | Partial |
| 7 | 4 | 1 | Perform Automated Application Patch Management | Partial |
| 7 | 5 | 2 | Perform Automated Vulnerability Scans of Internal Enterprise Assets | Fully |
| 7 | 6 | 2 | Perform Automated Vulnerability Scans of Externally-Exposed Enterprise Assets | Fully |
| 7 | 7 | 2 | Remediate Detected Vulnerabilities | Partial |
| 8 | 1 | 1 | Establish and Maintain an Audit Log Management Process | |
| 8 | 2 | 1 | Collect Audit Logs | |
| 8 | 3 | 1 | Ensure Adequate Audit Log Storage | |
| 8 | 4 | 2 | Standardize Time Synchronization | Facilitates |
| 8 | 5 | 2 | Collect Detailed Audit Logs | |
| 8 | 6 | 2 | Collect DNS Query Audit Logs | |
| 8 | 7 | 2 | Collect URL Request Audit Logs | |
| 8 | 8 | 2 | Collect Command-Line Audit Logs | |
| 8 | 9 | 2 | Centralize Audit Logs | |
| 8 | 10 | 2 | Retain Audit Logs | |
| 8 | 11 | 2 | Conduct Audit Log Reviews | |
| 8 | 12 | 3 | Collect Service Provider Logs | |
| 9 | 1 | 1 | Ensure Use of Only Fully Supported Browsers and Email Clients | Facilitates |
| 9 | 2 | 1 | Use DNS Filtering Services | |
| 9 | 3 | 2 | Maintain and Enforce Network-Based URL Filters | |
| 9 | 4 | 2 | Restrict Unnecessary or Unauthorized Browser and Email Client Extensions | |
| 9 | 5 | 2 | Implement DMARC | |
| 9 | 6 | 2 | Block Unnecessary File Types | |
| 9 | 7 | 3 | Deploy and Maintain Email Server Anti-Malware Protections | |
| 10 | 1 | 1 | Deploy and Maintain Anti-Malware Software | |
| 10 | 2 | 1 | Configure Automatic Anti-Malware Signature Updates | |
| 10 | 3 | 1 | Disable Autorun and Autoplay for Removable Media | |
| 10 | 4 | 2 | Configure Automatic Anti-Malware Scanning of Removable Media | |
| 10 | 5 | 2 | Enable Anti-Exploitation Features | |
| 10 | 6 | 2 | Centrally Manage Anti-Malware Software | |
| 10 | 7 | 3 | Use Behavior-Based Anti-Malware Software | |
| 11 | 1 | 1 | Establish and Maintain a Data Recovery Process | |
| 11 | 2 | 1 | Perform Automated Backups | |
| 11 | 3 | 1 | Protect Recovery Data | |
| 11 | 4 | 1 | Establish and Maintain an Isolated Instance of Recovery Data | |
| 11 | 5 | 2 | Test Data Recovery | |
| 12 | 1 | 1 | Ensure Network Infrastructure is Up-to-Date | Facilitates |
| 12 | 2 | 2 | Establish and Maintain a Secure Network Architecture | |
| 12 | 3 | 2 | Securely Manage Network Infrastructure | |
| 12 | 4 | 2 | Establish and Maintain Architecture Diagram(s) | |
| 12 | 5 | 2 | Centralize Network Authentication, Authorization, and Auditing (AAA) | |
| 12 | 6 | 2 | Use of Secure Network Management and Communication Protocols | |
| 12 | 7 | 2 | Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise’s AAA Infrastructure | |
| 12 | 8 | 3 | Establish and Maintain Dedicated Computing Resources for All Administrative Work | |
| 13 | 1 | 2 | Centralize Security Event Alerting | |
| 13 | 2 | 2 | Deploy a Host-Based Intrusion Detection Solution | |
| 13 | 3 | 2 | Deploy a Network Intrusion Detection Solution | |
| 13 | 4 | 2 | Perform Traffic Filtering Between Network Segments | |
| 13 | 5 | 2 | Manage Access Control for Remote Assets | |
| 13 | 6 | 2 | Collect Network Traffic Flow Logs | |
| 13 | 7 | 3 | Deploy a Host-Based Intrusion Prevention Solution | |
| 13 | 8 | 3 | Deploy a Network Intrusion Prevention Solution | |
| 13 | 9 | 3 | Deploy Port-Level Access Control | |
| 13 | 10 | 3 | Perform Application Layer Filtering | |
| 13 | 11 | 3 | Tune Security Event Alerting Thresholds | |
| 14 | 1 | 1 | Establish and Maintain a Security Awareness Program | |
| 14 | 2 | 1 | Train Workforce Members to Recognize Social Engineering Attacks | |
| 14 | 3 | 1 | Train Workforce Members on Authentication Best Practices | |
| 14 | 4 | 1 | Train Workforce on Data Handling Best Practices | |
| 14 | 5 | 1 | Train Workforce Members on Causes of Unintentional Data Exposure | |
| 14 | 6 | 1 | Train Workforce Members on Recognizing and Reporting Security Incidents | |
| 14 | 7 | 1 | Train Workforce on How to Identify and Report if Their Enterprise Assets are Missing Security Updates | |
| 14 | 8 | 1 | Train Workforce on the Dangers of Connecting to and Transmitting Enterprise Data Over Insecure Networks | |
| 14 | 9 | 2 | Conduct Role-Specific Security Awareness and Skills Training | |
| 15 | 1 | 1 | Establish and Maintain an Inventory of Service Providers | |
| 15 | 2 | 2 | Establish and Maintain a Service Provider Management Policy | |
| 15 | 3 | 2 | Classify Service Providers | |
| 15 | 4 | 2 | Ensure Service Provider Contracts Include Security Requirements | |
| 15 | 5 | 3 | Assess Service Providers | |
| 15 | 6 | 3 | Monitor Service Providers | |
| 15 | 7 | 3 | Securely Decommission Service Providers | |
| 16 | 1 | 2 | Establish and Maintain a Secure Application Development Process | |
| 16 | 2 | 2 | Establish and Maintain a Process to Accept and Address Software Vulnerabilities | |
| 16 | 3 | 2 | Perform Root Cause Analysis on Security Vulnerabilities | |
| 16 | 4 | 2 | Establish and Manage an Inventory of Third-Party Software Components | |
| 16 | 5 | 2 | Use Up-to-Date and Trusted Third-Party Software Components | |
| 16 | 6 | 2 | Establish and Maintain a Severity Rating System and Process for Application Vulnerabilities | |
| 16 | 7 | 2 | Use Standard Hardening Configuration Templates for Application Infrastructure | |
| 16 | 8 | 2 | Separate Production and Non-Production Systems | |
| 16 | 9 | 2 | Train Developers in Application Security Concepts and Secure Coding | |
| 16 | 10 | 2 | Apply Secure Design Principles in Application Architectures | |
| 16 | 11 | 2 | Leverage Vetted Modules or Services for Application Security Components | |
| 16 | 12 | 3 | Implement Code-Level Security Checks | |
| 16 | 13 | 3 | Conduct Application Penetration Testing | |
| 16 | 14 | 3 | Conduct Threat Modeling | |
| 17 | 1 | 1 | Designate Personnel to Manage Incident Handling | |
| 17 | 2 | 1 | Establish and Maintain Contact Information for Reporting Security Incidents | |
| 17 | 3 | 1 | Establish and Maintain an Enterprise Process for Reporting Incidents | |
| 17 | 4 | 2 | Establish and Maintain an Incident Response Process | |
| 17 | 5 | 2 | Assign Key Roles and Responsibilities | |
| 17 | 6 | 2 | Define Mechanisms for Communicating During Incident Response | |
| 17 | 7 | 2 | Conduct Routine Incident Response Exercises | |
| 17 | 8 | 2 | Conduct Post-Incident Reviews | |
| 17 | 9 | 3 | Establish and Maintain Security Incident Thresholds | |
| 18 | 1 | 2 | Establish and Maintain a Penetration Testing Program | |
| 18 | 2 | 2 | Perform Periodic External Penetration Tests | |
| 18 | 3 | 2 | Remediate Penetration Test Findings | |
| 18 | 4 | 3 | Validate Security Measures | |
| 18 | 5 | 3 | Perform Periodic Internal Penetration Tests | |
