>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SM-16Security Monitoring Alert Criteria: Guest, Anonymous and Temp Accounts

>Control Description

Organization defines security monitoring alert criteria for the use of guest, anonymous, and temporary accounts on Organization's network.

Theme

Process

Type

Detective

Policy/Standard

Logging & Monitoring Standard

>Implementation Guidance

1. Ensure that Organization's Security Monitoring Standard includes requirements for security monitoring alert criteria for the use of guest, anonymous, and temporary accounts on Organization's network. 2. Ensure that the security monitoring rules are defined, enabled and alert applicable personnel on the use of guest, anonymous, and temporary accounts on Organization's network. 3. Ensure that alerts are being generated and sent to the SOC team to support remediation.

>Testing Procedure

1. Inspect Organization's Security Monitoring Standard to determine whether requirements for security monitoring alert criteria for the use of guest, anonymous, and temporary accounts on Organization's network are defined. 2. Inspect a sample of security monitoring rules, to validate that the rules are defined to look for and alert applicable personnel on the use of guest, anonymous, and temporary accounts on Organization's network. 3. Validate that alerts being generated are sent to the SOC team to support remediation.

>Audit Artifacts

E-SM-10

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

FedRAMP Rev 5
1

AC-02 (12)

PCI DSS
10

10.7
10.7.1
10.7.2
10.7.3
A3.3.1
A3.3.1.2
+4 more

TX-RAMP
1

AC-2(12)

Ask AI

Configure your API key to use AI features.