SI-4(13): Analyze Traffic / Event Patterns

Threats Addressed:

Baselines:

(Not part of any baseline)

Next Version:

Control Statement

The organization:

  1. Analyzes communications traffic/event patterns for the information system;
  2. Develops profiles representing common traffic patterns and/or events; and
  3. Uses the traffic/event profiles in tuning system-monitoring devices to reduce the number of false positives and the number of false negatives.