Control access to Monitoring Dashboards and reports to ensure they don't highlight an attack path.
Management / Monitoring / Controls / DEV
Restrict access to Monitoring Dashboards
CCC.Monitor.CN04 · Access
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Monitoring.CP04 | CCC.Monitoring.CP04 |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.Monitor.TH02 | Health Checks Used to Identify Attack Targets | Health Checks are used to inform those responsible for maintaining a system that there is a problem, but if that information gets into the hands of a malicious actor, it can be used to target already problematic systems and mask malicious activity. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.Monitor.CN04.AR01 | When monitoring dashboards display degraded services which may become potential targets then the dashboard MUST be protected from unauthorised access. | tlp-clear, tlp-green, tlp-amber, tlp-red |