>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SC-7(12)Boundary Protection | Host-based Protection

IL4 Mod
IL4 High
IL5
IL6

>Control Description

Implement organization-defined host-based boundary protection mechanisms at organization-defined system components.

>DoD Impact Level Requirements

FedRAMP Parameter Values

SC-7 (12)-1 [Host Intrusion Prevention System (HIPS), Host Intrusion Detection System (HIDS), or minimally a host-based firewall]

>Discussion

Host-based boundary protection mechanisms include host-based firewalls. System components that employ host-based boundary protection mechanisms include servers, workstations, notebook computers, and mobile devices.

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies govern the implementation of host-based protection?
  • How are system and communications protection requirements defined and maintained?
  • Who is responsible for configuring and maintaining the security controls specified in SC-7(12)?

Technical Implementation:

  • How is host-based protection technically implemented in your environment?
  • What systems, tools, or configurations enforce this protection requirement?
  • How do you ensure that host-based protection remains effective as the system evolves?
  • What network boundary protections are in place (firewalls, gateways, etc.)?

Evidence & Documentation:

  • What documentation demonstrates the implementation of SC-7(12)?
  • Can you provide configuration evidence or system diagrams showing this protection control?
  • What logs or monitoring data verify that this control is functioning correctly?
  • Can you provide network architecture diagrams and firewall rulesets?

Ask AI

Configure your API key to use AI features.