Correlate information from monitoring physical, cyber, and supply chain activities to achieve integrated, organization-wide situational awareness.
Analyze outbound communications traffic at external interfaces to the system and at the following interior points to detect covert exfiltration of information: [Assignment: organization-defined interior points within the system].
Implement [Assignment: organization-defined additional monitoring] of individuals who have been identified by [Assignment: organization-defined sources] as posing an increased level of risk.
Implement the following additional monitoring of privileged users: [Assignment: organization-defined additional monitoring].
Implement the following additional monitoring of individuals during [Assignment: organization-defined probationary period]: [Assignment: organization-defined additional monitoring].
(a) Detect network services that have not been authorized or approved by [Assignment: organization-defined authorization or approval processes]; and (b) [Selection (one or more): Audit; Alert [Assignment: organization-defined personnel or roles]] when detected.
Implement the following host-based monitoring mechanisms at [Assignment: organization-defined system components]: [Assignment: organization-defined host-based monitoring mechanisms].
Discover, collect, and distribute to [Assignment: organization-defined personnel or roles], indicators of compromise provided by [Assignment: organization-defined sources].
Provide visibility into network traffic at external and key internal system interfaces to optimize the effectiveness of monitoring devices.
a. Receive system security alerts, advisories, and directives from [Assignment: organization-defined external organizations] on an ongoing basis; b. Generate internal security alerts, advisories, and directives as deemed necessary; c. Disseminate security alerts, advisories, and directives to: [Selection (one or more): [Assignment: organization-defined personnel or roles]; [Assignment: organization-defined elements within the organization]; [Assignment: organization-defined external organizations]]; and d. Implement security directives in accordance with established time frames, or notify the issuing organization of the degree of noncompliance.