SI-4(11)—Information System Monitoring
PBMM (P2)
Secret (P2)
Operational
>Control Description
INFORMATION SYSTEM MONITORING | ANALYZE COMMUNICATIONS TRAFFIC ANOMALIES The organization analyzes outbound communications traffic at the external boundary of the information system and selected ⚙organization-defined interior points within the system (e.g., sub-networks, subsystems) to discover anomalies.
>Supplemental Guidance
Anomalies within organizational information systems include, for example, large file transfers, long-time persistent connections, unusual protocols and ports in use, and attempted communications with suspected malicious external addresses.
>Tailoring Guidance
Control enhancement (11) expands upon control enhancement (4).
Ask AI
Configure your API key to use AI features.