SI-4(22): Unauthorized Network Services

Control Family:

System and Information Integrity

Parent Control:

SI-4: System Monitoring

CSF v1.1 References:

ID.RA-1
PR.DS-5
PR.IP-8
DE.AE-1
DE.AE-2
DE.AE-3
DE.AE-4
DE.CM-1
DE.CM-4
DE.CM-5
DE.CM-6
DE.CM-7
DE.DP-2
DE.DP-3
DE.DP-4
DE.DP-5
RS.AN-1

Threats Addressed:

Elevation of Privilege
Lateral Movement

Baselines:

High

Previous Version:

NIST Special Publication 800-53 Revision 4:
SI-4(22): Unauthorized Network Services

Control Statement

Detect network services that have not been authorized or approved by [Assignment: organization-defined authorization or approval processes]; and
[Assignment (one or more): Audit, Alert [Assignment: organization-defined personnel or roles] ] when detected.

Supplemental Guidance

Unauthorized or unapproved network services include services in service-oriented architectures that lack organizational verification or validation and may therefore be unreliable or serve as malicious rogues for valid services.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5