Back

Configure endpoint security tools in accordance with organizational standards.


CONTROL ID
07049
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain system hardening procedures., CC ID: 12001

This Control has the following implementation support Control(s):
  • Secure endpoint security tool configuration settings from unauthorized change., CC ID: 07050


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Configure managed endpoints with properly configured software firewalls. (UEM-10, Cloud Controls Matrix, v4.0)
  • Use capabilities to prevent suspicious behavior patterns from occurring on endpoint systems. This could include suspicious process, file, API call, etc. behavior. (M1040 Behavior Prevention on Endpoint, MITRE ATT&CK®, Enterprise Mitigations, Version 13.1)
  • Wireless device communications should be encrypted and integrity-protected. The encryption must not degrade the operational performance of the end device. Encryption at OSI Layer 2 should be considered, rather than at Layer 3 to reduce encryption latency. The use of hardware accelerators to perform … (§ 6.2.1.5 ICS-specific Recommendations and Guidance ¶ 1 Bullet 6, Guide to Industrial Control Systems (ICS) Security, Revision 2)