Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.AM-02.5: Mechanisms for detecting the presence of unauthorised software within the organ- isation’s ICT/OT environment shall be identified. |
|
ID.AM-02.5 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p49 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that external network communications are clearly understood, controlled, and monitored to reduce the risk of unauthorised access, data leakage, or service disruption across ICT and OT environments. To achieve this goal: • Map and Document External Flows Communication and data flows between the organisation and external parties should be mapped, docu- mented, and authorised. These records should be updated when changes occur. • Enforce Access Controls Network connections should be restricted to explicitly authorised interfaces to reduce the attack surface and prevent unauthorised data transfers. • Enhance Monitoring When Needed Monitoring should be intensified in response to elevated risk levels. This may include real-time alerts, enhanced logging, or more frequent audits of external network activity. • Prevent Information Leakage The risk of data leakage through electromagnetic emissions or side-channel attacks should be assessed. Where appropriate, mitigation measures such as EMSEC orTEMPESTcontrols should be applied, especially for systems handling sensitive or classified information. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control, ID.AM-03-3, covers network-layer interactions with external entities, including: • Internet traffic (e.g., outbound web access, DNS queries, email traffic). • VPN connections, remote access, and cloud service communications. • Any communication that traverses the organisational perimeter, regardless of whether it involves a specific external system. |
|
A general note, for any purpose. |
The goal of this control is to ensure that external network communications are clearly understood, controlled, and monitored to reduce the risk of unauthorised access, data leakage, or service disruption across ICT and OT environments. To achieve this goal: - Map and Document External Flows Communication and data flows between the organisation and external parties should be mapped, docu- mented, and authorised. These records should be updated when changes occur. - Enforce Access Controls Network connections should be restricted to explicitly authorised interfaces to reduce the attack surface and prevent unauthorised data transfers. - Enhance Monitoring When Needed Monitoring should be intensified in response to elevated risk levels. This may include real-time alerts, enhanced logging, or more frequent audits of external network activity. - Prevent Information Leakage The risk of data leakage through electromagnetic emissions or side-channel attacks should be assessed. Where appropriate, mitigation measures such as EMSEC orTEMPESTcontrols should be applied, especially for systems handling sensitive or classified information. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control, ID.AM-03-3, covers network-layer interactions with external entities, including: - Internet traffic (e.g., outbound web access, DNS queries, email traffic). - VPN connections, remote access, and cloud service communications. - Any communication that traverses the organisational perimeter, regardless of whether it involves a specific external system. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that external network communications are clearly understood, controlled, and monitored to reduce the risk of unauthorised access, data leakage, or service disruption across ICT and OT environments. To achieve this goal:</p><ul><li>Map and Document External Flows Communication and data flows between the organisation and external parties should be mapped, docu- mented, and authorised. These records should be updated when changes occur.</li><li>Enforce Access Controls Network connections should be restricted to explicitly authorised interfaces to reduce the attack surface and prevent unauthorised data transfers.</li><li>Enhance Monitoring When Needed Monitoring should be intensified in response to elevated risk levels. This may include real-time alerts, enhanced logging, or more frequent audits of external network activity.</li><li>Prevent Information Leakage The risk of data leakage through electromagnetic emissions or side-channel attacks should be assessed. Where appropriate, mitigation measures such as EMSEC orTEMPESTcontrols should be applied, especially for systems handling sensitive or classified information. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control, ID.AM-03-3, covers network-layer interactions with external entities, including:</li><li>Internet traffic (e.g., outbound web access, DNS queries, email traffic).</li><li>VPN connections, remote access, and cloud service communications.</li><li>Any communication that traverses the organisational perimeter, regardless of whether it involves a specific external system.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that external network communications are clearly understood, controlled, and monitored to reduce the risk of unauthorised access, data leakage, or service disruption across ICT and OT environments. To achieve this goal: - Map and Document External Flows Communication and data flows between the organisation and external parties should be mapped, docu- mented, and authorised. These records should be updated when changes occur. - Enforce Access Controls Network connections should be restricted to explicitly authorised interfaces to reduce the attack surface and prevent unauthorised data transfers. - Enhance Monitoring When Needed Monitoring should be intensified in response to elevated risk levels. This may include real-time alerts, enhanced logging, or more frequent audits of external network activity. - Prevent Information Leakage The risk of data leakage through electromagnetic emissions or side-channel attacks should be assessed. Where appropriate, mitigation measures such as EMSEC orTEMPESTcontrols should be applied, especially for systems handling sensitive or classified information. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control, ID.AM-03-3, covers network-layer interactions with external entities, including: - Internet traffic (e.g., outbound web access, DNS queries, email traffic). - VPN connections, remote access, and cloud service communications. - Any communication that traverses the organisational perimeter, regardless of whether it involves a specific external system. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.AM-02.5 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Unauthorised software detection mechanisms |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Mechanisms for detecting the presence of unauthorised software within the organ- isation’s ICT/OT environment shall be identified. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1