Applicable

(Y)es / (N)o

(C)onfidentiality

(I)ntegrity

(A)vailability

RPN

(C+I+A)

(S)atisfactory

L1

M2

H3

L1

M2

H3

L1

M2

H3

(O)ther than satisfactory +##

sc-5(3)

denial of service protection  | detection / monitoring

assessment objective:

Determine if the organization:

sc-5(3)(a)

sc-5(3)(a)[1]

defines monitoring tools to be employed to detect indicators of denial of service attacks against the information system;

sc-5(3)(a)[2]

employs organization-defined monitoring tools to detect indicators of denial of service attacks against the information system;

sc-5(3)(b)

sc-5(3)(b)[1]

defines information system resources to be monitored to determine if sufficient resources exist to prevent effective denial of service attacks; and

sc-5(3)(b)[2]

monitors organization-defined information system resources to determine if sufficient resources exist to prevent effective denial of service attacks.

potential assessment methods and objects:

Examine: [SELECT FROM: System and communications protection policy; procedures addressing denial of service protection; information system design documentation; information system monitoring tools and techniques documentation; information system configuration settings and associated documentation; information system audit records; other relevant documents or records].

Interview: [select from: System/network administrators; organizational personnel with information security responsibilities; organizational personnel with detection and monitoring responsibilities].

Test: [select from: Automated mechanisms/tools implementing information system monitoring for denial of service attacks].