Skip to main content

CCC.Monitor.C04: Restrict access to Monitoring Dashboards

Control ID:CCC.Monitor.C04
Title:Restrict access to Monitoring Dashboards
Objective:Control access to Monitoring Dashboards and reports to ensure they don't highlight an attack path.
Control Family:
Identity and Access Management

Related Threats

IDTitleDescriptionExternal MappingsCapability MappingsControl Mappings
CCC.Monitor.TH02Health Checks Used to Identify Attack TargetsHealth Checks are used to inform those responsible for maintaining a system that there is a problem, but if that information gets into the hands of a malicious actor, it can be used to target already problematic systems and mask malicious activity.
1
1
0

Guideline Mappings

Reference IDEntry IDStrengthRemarks
NIST-CSF
DE.CM-09
0
-
NIST-CSF
DE.AE-03
0
-
NIST_800_53
SI-4
0
-
NIST_800_53
AC-3
0
-

Assessment Requirements

IDDescriptionApplicability
CCC.Monitor.C04.TR01When monitoring dashboards display degraded services which may become potential targets then the dashboard MUST be protected from unauthorised access.
tlp-clear
tlp-green
tlp-amber
tlp-red