SC-7 Boundary Protection

GPTKB entity

Statements (36)
Predicate Object
gptkbp:instanceOf gptkb:NIST_Special_Publication
gptkbp:appliesTo Federal information systems
gptkbp:category Technical Control
gptkbp:controls SC-7
gptkbp:documentedIn gptkb:NIST_SP_800-53_Revision_5
gptkbp:family gptkb:System_and_Communications_Protection
https://www.w3.org/2000/01/rdf-schema#label SC-7 Boundary Protection
gptkbp:improves SC-7(1) Automated Enforcement
SC-7(10) Prevent Unauthorized Exfiltration
SC-7(11) Restrict Wireless Access
SC-7(12) Host-Based Protection
SC-7(13) Isolation of Security Tools
SC-7(15) Logical Isolation
SC-7(16) Prevent Unauthorized Information Transfer
SC-7(2) Public Access Protections
SC-7(3) Access Points
SC-7(4) External Telecommunications Services
SC-7(5) Deny by Default / Allow by Exception
SC-7(6) Response to Unsuccessful Communications
SC-7(7) Prevent Split Tunneling
SC-7(9) Restrict Unclassified Communications
SC-7(8) Route Traffic Only to Authorized Destinations
SC-7(14) Protect Against Unauthorized Physical Connections
gptkbp:mandate gptkb:Federal_Information_Security_Modernization_Act_(FISMA)
gptkbp:partOf gptkb:NIST_SP_800-53
gptkbp:purpose To monitor and control communications at the external boundary of the system and at key internal boundaries within the system.
gptkbp:relatedTo gptkb:SC-5_Denial_of_Service_Protection
gptkb:SC-8_Transmission_Confidentiality_and_Integrity
AC-4 Information Flow Enforcement
gptkbp:requires Use of boundary protection devices such as firewalls and gateways.
Enforcing security policies at boundaries
Implementation of boundary protection mechanisms
Limiting external network connections
Monitoring and controlling communications at system boundaries
gptkbp:bfsParent gptkb:System_and_Communications_Protection_(SC)
gptkbp:bfsLayer 7