SC-7(9)—Restrict Threatening Outgoing Communications Traffic
Control Description
Detect and deny outgoing communications traffic posing a threat to external systems; and
Audit the identity of internal users associated with denied communications.
Cross-Framework Mappings
Supplemental Guidance
Detecting outgoing communications traffic from internal actions that may pose threats to external systems is known as extrusion detection. Extrusion detection is carried out within the system at managed interfaces. Extrusion detection includes the analysis of incoming and outgoing communications traffic while searching for indications of internal threats to the security of external systems.
Internal threats to external systems include traffic indicative of denial-of-service attacks, traffic with spoofed source addresses, and traffic that contains malicious code. Organizations have criteria to determine, update, and manage identified threats related to extrusion detection.
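The sketch below is an added example, not part of the control text or any product's code. It shows both halves of the control on constructed flow records: denying outbound traffic whose source address is outside the internal address space or that exceeds a simple per-destination rate, and writing an audit record that names the internal user. The prefix, the threshold, the MAC-to-user session table and all record fields are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Assumptions (constructed for this example): internal prefix, rate limit,
# and a MAC -> user table such as a NAC / 802.1X session export would give.
INTERNAL_PREFIXES = [ipaddress.ip_network("10.20.0.0/16")]
MAX_FLOWS_PER_DST = 3  # per batch window, per internal host and destination
SESSIONS = {"aa:bb:cc:00:00:01": "alice", "aa:bb:cc:00:00:02": "bob"}

def flow(mac, src, dst, dport):
    return {"mac": mac, "src": src, "dst": dst, "dport": dport}

# Constructed outbound flow records observed at the managed interface.
FLOWS = (
    [flow("aa:bb:cc:00:00:01", "10.20.1.5", "198.51.100.7", 443)]
    + [flow("aa:bb:cc:00:00:02", "203.0.113.9", "198.51.100.7", 80)]  # source outside internal space
    + [flow("aa:bb:cc:00:00:01", "10.20.1.5", "192.0.2.10", 53)] * 5  # burst to one destination
    + [flow("aa:bb:cc:00:00:09", "10.99.0.1", "192.0.2.10", 53)]      # no known session
)

def source_is_internal(src):
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in INTERNAL_PREFIXES)

def evaluate(flows, sessions):
    """Return (allowed, audit): deny threatening flows, log who sent them."""
    allowed, audit, seen = [], [], Counter()
    for f in flows:
        seen[(f["mac"], f["dst"])] += 1
        if not source_is_internal(f["src"]):
            reason = "spoofed-source"
        elif seen[(f["mac"], f["dst"])] > MAX_FLOWS_PER_DST:
            reason = "rate-exceeded"
        else:
            allowed.append(f)
            continue
        # Attribute by link-layer session, not by source IP: a spoofed IP
        # says nothing about the sender.
        user = sessions.get(f["mac"], "UNATTRIBUTED")
        audit.append({"user": user, "reason": reason, **f})
    return allowed, audit

if __name__ == "__main__":
    allowed, audit = evaluate(FLOWS, SESSIONS)
    for rec in audit:
        print(rec)
```

Denied flows that cannot be tied to a session are still logged, marked UNATTRIBUTED, so the gap in identity coverage is visible in the audit trail.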
Related Controls
Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- What policies govern the restriction of threatening outgoing communications traffic?
- How are system and communications protection requirements defined and maintained?
- Who is responsible for configuring and maintaining the security controls specified in SC-7(9)?
Technical Implementation:
- How is the restriction of threatening outgoing communications traffic technically implemented in your environment?
- What systems, tools, or configurations enforce this protection requirement?
- How do you ensure that the restriction of threatening outgoing communications traffic remains effective as the system evolves?
Evidence & Documentation:
- What documentation demonstrates the implementation of SC-7(9)?
- Can you provide configuration evidence or system diagrams showing this protection control?
- What logs or monitoring data verify that this control is functioning correctly?