SI-4(18): Analyze Traffic and Covert Exfiltration

Threats Addressed:


(Not part of any baseline)

Previous Version:

Control Statement

Analyze outbound communications traffic at external interfaces to the system and at the following interior points to detect covert exfiltration of information: [Assignment: organization-defined interior points within the system].

Supplemental Guidance

Organization-defined interior points include subnetworks and subsystems. Covert means that can be used to exfiltrate information include steganography.