Trustmark Definitions (1526-1550 of 3493)

Trustmark Definition Name Version
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to detect the presence of unauthorized hardware, software, and firmware components within the information system.
1.0
Defines conformance and assessment criteria for verifying that an organization provides a centralized repository for the inventory of information system components.
1.0
Defines conformance and assessment criteria for verifying that an organization verifies that all components within the authorization boundary of the information system are not duplicated in other information system component inventories.
1.0
Defines conformance and assessment criteria for verifying that an organization updates the inventory of information system components as an integral part of component installations, removals, and information system updates.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system documentation - attempts to obtain documentation as related to overall system and services acquisition requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system documentation - distribution as related to overall system and services acquisition requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system documentation - documentation protection as related to overall system and services acquisition requirements.
1.0
Defines conformance and assessment criteria for verifying that an organization develops and maintains an inventory of its information systems.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - attack detection as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - legal compliance as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - monitoring adjusted to risks as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - monitoring device placement as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - protection of collected information as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - reporting as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - unauthorized connections as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system monitoring - unauthorized use as related to overall system and information integrity requirements.
1.0
Defines conformance and assessment criteria for verifying that an organization analyzes outbound communications traffic at the external boundary of the information system and selected organization-defined interior points within the system (e.g., subnetworks, subsystems) to discover anomalies.
1.0
Defines conformance and assessment criteria for verifying that an organization analyzes communications traffic/event patterns for the information system.
1.0
Defines conformance and assessment criteria for verifying that an organization analyzes outbound communications traffic at the external boundary of the information system (i.e., system perimeter) and at organization-defined interior points within the system (e.g., subsystems, subnetworks) to detect covert exfiltration of information.
1.0
Defines conformance and assessment criteria for verifying that an organization develops profiles representing common traffic patterns and/or events for the information system.
1.0
Defines conformance and assessment criteria for verifying that an organization uses the traffic/event profiles in tuning system-monitoring devices to reduce the number of false positives and the number of false negatives.
1.0
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to alert security personnel of organization-defined activities that trigger alerts for inappropriate or unusual activities with security implications.
1.0
Defines conformance and assessment criteria for verifying that an information system notifies organization-defined incident response personnel (identified by name and/or by role) of detected suspicious events and takes organization-defined least-disruptive actions to terminate suspicious events.
1.0
Defines conformance and assessment criteria for verifying that an organization employs automated tools to integrate intrusion detection tools into access control and flow control mechanisms for rapid response to attacks by enabling reconfiguration of these mechanisms in support of attack isolation and elimination.
1.0
Defines conformance and assessment criteria for verifying that an organization employs automated tools to support near real-time analysis of events.
1.0
This page is also available as JSON and XML.