CCC.LB.C01: Enforce and Detect Rate Limiting

Control ID: CCC.LB.C01
Title: Enforce and Detect Rate Limiting
Objective: Detect and throttle malicious or excessive requests to prevent downstream resource exhaustion and brute-force activity.
Control Family: Logging & Monitoring

Guideline Mappings

| Reference ID | Entry ID | Strength | Remarks                            |
|--------------|----------|----------|------------------------------------|
| NIST-CSF     | DE.CM-1  | 0        | Monitor to detect events           |
| NIST-CSF     | PR.AC-7  | 0        | Prevent brute-force                |
| NIST-CSF     | PR.PT-4  | 0        | Protective technology              |
| NIST_800_53  | AU-6     | 0        | Audit review, analysis, reporting  |
| NIST_800_53  | SC-5     | 0        | Denial-of-Service protection       |
| NIST_800_53  | AC-7     | 0        | Unsuccessful logon attempts        |

Assessment Requirements

| ID                | Description | Applicability |
|-------------------|-------------|---------------|
| CCC.LB.C01.TR01   | When a single client sends more than 2000 requests within any 5-minute sliding window, the load balancer MUST throttle all subsequent requests from that client for at least 60 seconds. | tlp-green, tlp-amber, tlp-red |
| CCC.LB.C01.TR02   | When throttling is invoked, the load balancer MUST record the event in the access log within 5 minutes for alerting and trend analysis. | tlp-green, tlp-amber, tlp-red |
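The two assessment requirements above describe a concrete mechanism: a per-client sliding-window counter (TR01) whose throttle decision is written to the access log (TR02). The following is an added example, not code from the CCC catalogue or from any load balancer product, showing one way to implement and test that behaviour. The `SlidingWindowLimiter` class, its `allow` and `log_lines` methods, and the `access_log` list standing in for the load balancer's access log are assumptions of this example; the thresholds (2000 requests, 300-second window, 60-second hold-down) come from TR01.

```python
"""Sliding-window rate limiter illustrating CCC.LB.C01 TR01 and TR02.

Added example, not part of the CCC catalogue. The class and method names
are assumptions of this example; the numeric thresholds are those stated
in TR01. Timestamps can be supplied explicitly so the logic runs offline.
"""
from collections import deque
import json
import time

WINDOW_SECONDS = 300            # TR01: any 5-minute sliding window
MAX_REQUESTS_IN_WINDOW = 2000   # TR01: more than 2000 requests trips throttling
THROTTLE_SECONDS = 60           # TR01: throttle for at least 60 seconds


class SlidingWindowLimiter:
    """Per-client sliding-window counter with a throttle hold-down.

    `access_log` stands in for the load balancer's access log (TR02); in a
    real deployment these records would be shipped to the alerting pipeline.
    Assumed helper, not a CCC-defined interface.
    """

    def __init__(self):
        self._hits = {}              # client -> deque of request timestamps
        self._throttled_until = {}   # client -> time at which the hold-down ends
        self.access_log = []         # list of JSON-serialisable log records

    def allow(self, client, now=None):
        """Return True if the request may be forwarded, False if it is throttled.

        `now` is a monotonic timestamp in seconds; it defaults to the system
        clock and is exposed only so the behaviour can be exercised offline.
        """
        if now is None:
            now = time.monotonic()

        until = self._throttled_until.get(client)
        if until is not None:
            if now < until:
                # Inside the hold-down: drop without touching the counter so the
                # rejected requests themselves do not extend the client's window.
                return False
            del self._throttled_until[client]

        hits = self._hits.setdefault(client, deque())
        hits.append(now)
        # Evict timestamps that have aged out of the 5-minute sliding window.
        cutoff = now - WINDOW_SECONDS
        while hits and hits[0] <= cutoff:
            hits.popleft()

        if len(hits) > MAX_REQUESTS_IN_WINDOW:
            # TR01: more than 2000 in-window requests -> throttle this client,
            # starting with the request that crossed the threshold.
            self._throttled_until[client] = now + THROTTLE_SECONDS
            # TR02: record the throttling event at once (well within 5 minutes).
            self.access_log.append({
                "ts": now,
                "client": client,
                "event": "rate_limit_throttle",
                "requests_in_window": len(hits),
                "throttle_seconds": THROTTLE_SECONDS,
            })
            return False
        return True

    def log_lines(self):
        """Render the recorded events as JSON lines, one per throttling event."""
        return [json.dumps(record, sort_keys=True) for record in self.access_log]


if __name__ == "__main__":
    # Constructed traffic: one client sends 2001 requests in under two minutes.
    limiter = SlidingWindowLimiter()
    for i in range(2001):
        limiter.allow("203.0.113.10", now=i * 0.05)
    for line in limiter.log_lines():
        print(line)
```

Two design points worth noting. Requests rejected during the hold-down are not counted, so a client cannot keep itself throttled indefinitely merely by retrying; once the hold-down expires, the still-populated window re-trips the limit and writes a fresh log record, which satisfies the "at least 60 seconds" wording while giving the analyst one event per throttling decision. Keeping every timestamp per client costs memory proportional to the limit; production load balancers usually approximate the sliding window with fixed-size buckets, which the same tests would still exercise.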