From Voice Video Policy Security Technical Implementation Guide
Part of SRG-POL-300882
Associated with: CCI-002642
Information system monitoring includes external and internal monitoring. External monitoring includes the observation of events occurring at the information system boundary (i.e., part of perimeter defense and boundary protection). Internal monitoring includes the observation of events occurring within the information system. Organizations can monitor information systems, for example, by observing audit activities in real time or by observing other system aspects such as access patterns, characteristics of access, and other actions. The monitoring objectives may guide determination of the events.
Review each Voice Video system security plan (SSP). Verify that the organization requires the Voice Video system to monitor the network to detect unauthorized local connections. Commercial subscriber lines and trunks are provided over an Internet Service Provider (ISP) connection, which requires approval. Other unauthorized connections may also exist. If the Voice Video SSP does not document, and the organization does not enforce, that the Voice Video system is monitored to detect unauthorized local connections, this is a finding.
Document in the Voice Video SSP the organizational details for monitoring the Voice Video system to detect unauthorized local connections.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer