SI-4(18): Analyze Traffic and Covert Exfiltration
CSF v1.1 References:
(Not part of any baseline)
- NIST Special Publication 800-53 Revision 4:
- SI-4(18): Analyze Traffic / Covert Exfiltration
Analyze outbound communications traffic at external interfaces to the system and at the following interior points to detect covert exfiltration of information: [Assignment: organization-defined interior points within the system].
Organization-defined interior points include subnetworks and subsystems. Covert means that can be used to exfiltrate information include steganography.