NIST 800-53 Unevaluated Controls - User Guide - 2 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Expander User Guide

Product
Cortex XPANSE
Version
2
Creation date
2024-03-28
Last date published
2024-05-24
Category
User Guide
Solution
Cloud
Abstract

Cortex Xpanse does not make a determination regarding compliance with the listed NIST 800-53 controls.

Not all compliance violations can be detected from our scan data. Cortex Xpanse provides an external view of your attack surface. The controls listed below would require data from internal scans or checks against internal controls and processes where Xpanse does not have visibility. Therefore, Xpanse cannot make a determination regarding compliance with these specific controls.

The following NIST 800-53 controls, organized by control family, are unevaluated by the Expander Attack Surface Compliance Violations Dashboard.

Table 19. Access Control

AC-1

Access Control Policy and Procedures

AC-5

Separation of Duties

AC-7

Unsuccessful Login Attempts

AC-9

Previous Logon (Access) Notification

AC-10

Concurrent Session Control

AC-16

Security Attributes

AC-18

Wireless Access

AC-19

Access Control for Mobile Devices

AC-20

Use of External Information Systems

AC-21

Information Sharing

AC-22

Publicly Accessible Content

AC-23

Data Mining Protection

AC-24

Access Control Decisions

AC-25

Reference Monitor


Table 20. Audit and Accountability

AU-1

Audit and Accountability Policy and Procedures

AU-4

Audit Storage Capacity

AU-7

Audit Reduction and Report Generation

AU-8

Time Stamps

AU-9

Protection of Audit Information

AU-11

Audit Record Retention

AU-13

Monitoring for Information Disclosure

AU-14

Session Audit

AU-15

Alternate Audit Capability

AU-16

Cross-Organizational Auditing


Table 21. Awareness and Training (entire Family)

AT-1

Security Awareness and Training Policy and Procedures

AT-2

Security Awareness Training

AT-3

Role-Based Security Training

AT-4

Security Training Records


Table 22. Configuration Management

CM-1

Configuration Management Policy and Procedures

CM-5

Access Restrictions for Change

CM-9

Configuration Management Plan

CM-11

User-Installed Software


Table 23. Contingency Planning

CP-1

Contingency Planning Policy and Procedures

CP-3

Contingency Training

CP-4

Contingency Plan Testing

CP-6

Alternate Storage Site

CP-7

Alternate Processing Site

CP-8

Telecommunications Services

CP-11

Alternate Communications Protocols

CP-12

Safe Mode

CP-13

Alternative Security Mechanisms


Table 24. Identification and Authentication

IA-1

Identification and Authentication Policy and Procedures

IA-9

Service Identification and Authentication

IA-10

Adaptive Identification and Authentication

IA-11

Re-authentication


Table 25. Incident Response

IR-1

Incident Response Policy and Procedures

IR-2

Incident Response Training

IR-3

Incident Response Testing

IR-10

Integrated Information Security Analysis Team


Table 26. Maintenance

MA-1

System Maintenance Policy and Procedures

MA-3

Maintenance Tools

MA-4

Nonlocal Maintenance

MA-5

Maintenance Personnel

MA-6

Timely Maintenance


Table 27. Media Protection

MP-1

Media Protection Policy and Procedures

MP-2

Media Access

MP-3

Media Marking

MP-4

Media Storage

MP-5

Media Transport

MP-7

Media Use

MP-8

Media Downgrading


Table 28. Personnel Security (entire Family)

PS-1

Personnel Security Policy and Procedures

PS-2

Position Risk Designation

PS-3

Personnel Screening

PS-4

Personnel Termination

PS-5

Personnel Transfer

PS-6

Access Agreements

PS-7

Third-Party Personnel Security

PS-8

Personnel Sanctions


Table 29. Physical and Environmental Protection

PE-1

Physical and Environmental Protection Policy and Procedures

PE-2

Physical Access Authorizations

PE-4

Access Control for Transmission Medium

PE-5

Access Control for Output Devices

PE-6

Monitoring Physical Access

PE-8

Visitor Access Records

PE-9

Power Equipment and Cabling

PE-10

Emergency Shutoff

PE-11

Emergency Power

PE-12

Emergency Lighting

PE-13

Fire Protection

PE-14

Temperature and Humidity Controls

PE-15

Water Damage Protection

PE-16

Delivery and Removal

PE-17

Alternate Work Site

PE-18

Location of Information System Components

PE-19

Information Leakage

PE-20

Asset Monitoring and Tracking


Table 30. Planning

PL-1

Security Planning Policy and Procedures

PL-4

Rules of Behavior

PL-7

Security Concept of Operations

PL-8

Information Security Architecture

PL-9

Central Management


Table 31. Program Management (entire Family)

PM-1

Information Security Program Plan

PM-2

Senior Information Security Officer

PM-3

Information Security Resources

PM-4

Plan of Action and Milestones Process

PM-5

Information System Inventory

PM-6

Information Security Measures of Performance

PM-7

Enterprise Architecture

PM-8

Critical Infrastructure Plan

PM-9

Risk Management Strategy

PM-10

Security Authorization Process

PM-11

Mission/Business Process Definition

PM-12

Insider Threat Program

PM-13

Information Security Workforce

PM-14

Testing, Training, & Monitoring

PM-15

Contacts with Security Groups and Associations

PM-16

Threat Awareness Program


Table 32. Risk Assessment

RA-1

Risk Assessment Policy and Procedures

RA-2

Security Categorization

RA-6

Technical Surveillance Countermeasures Survey


Table 33. Security Assessment and Authorization

CA-1

Security Assessment and Authorization Policies and Procedures

CA-2

Security Assessments

CA-5

Plan of Action and Milestones

CA-6

Security Authorization

CA-9

Internal System Connections


Table 34. System and Communication Protection

SC-2

Application Partitioning

SC-3

Security Function Isolation

SC-4

Information in Shared Resources

SC-6

Resource Availability

SC-11

Trusted Path

SC-16

Transmission of Security Attributes

SC-18

Mobile Code

SC-19

Voice Over Internet Protocol

SC-20

Secure Name /Address Resolution Service (Authoritative Source)

SC-21

Secure Name /Address Resolution Service (Recursive or Caching Resolver)

SC-22

Architecture and Provisioning for Name/Address Resolution Service

SC-23

Session Authenticity

SC-24

Fail in Known State

SC-25

Thin Nodes

SC-26

Honeypots

SC-29

Heterogeneity

SC-30

Concealment and Misdirection

SC-31

Covert Channel Analysis

SC-32

Information System Partitioning

SC-34

Non-Modifiable Executable Programs

SC-35

Honeyclients

SC-36

Distributed Processing and Storage

SC-37

Out-of-Band Channels

SC-38

Operations Security

SC-39

Process Isolation

SC-40

Wireless Link Protection

SC-41

Port and I/O Device Access

SC-42

Sensor Capability and Data

SC-43

Usage Restrictions

SC-44

Detonation Chambers


Table 35. System and Information Integrity

SI-1

System and Information Integrity Policy and Procedures

SI-5

Security Alerts, Advisories, and Directives

SI-6

Security Function Verification

SI-7

Software, Firmware, and Information Integrity

SI-11

Error Handling

SI-12

Information Handling and Retention

SI-13

Predictable Failure Prevention

SI-14

Non-Persistence

SI-15

Information Output Filtering

SI-16

Memory Protection

SI-17

Fail-Safe Procedures


Table 36. System and Services Acquisition

SA-2

Allocation of Resources

SA-5

Information System Documentation

SA-9

External Information System Services

SA-13

Trustworthiness

SA-14

Criticality Analysis

SA-15

Development Process, Standards, and Tools

SA-18

Tamper Resistance and Detection

SA-19

Component Authenticity

SA-20

Customized Development of Critical Components

SA-21

Developer Screening