nist 800-171 reporting in sentinel

%3CLINGO-SUB%20id%3D%22lingo-sub-3266278%22%20slang%3D%22en-US%22%3Enist%20800-171%20reporting%20in%20sentinel%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3266278%22%20slang%3D%22en-US%22%3E%3CP%3EHas%20anyone%20created%20any%20workbooks%20for%20NIST%20800-171%3F%3C%2FP%3E%3CP%3Efor%20example%20here's%20a%20list%20of%20NIST%20controls%20and%20related%20reports%20of%20interest%3A%3C%2FP%3E%3CP%3E3.1.1%20Limit%20system%20access%20to%20authorized%20users%3CBR%20%2F%3E3.1.6%20Use%20of%20non-privileged%20accounts%3CBR%20%2F%3E3.1.7%20Prevention%20of%20privileged%20functions%3CBR%20%2F%3E3.1.8%20Unsuccessful%20logon%20attempts%3CBR%20%2F%3E3.1.12%20Monitor%20remote%20access%3CBR%20%2F%3E3.1.20%20Use%20of%20external%20systems%3CBR%20%2F%3E3.1.21%20Portable%20storage%3CBR%20%2F%3E3.3.1%20Create%20protect%20and%20retain%20audit%20records%3CBR%20%2F%3E3.3.2%20User%20action%20audit%3CBR%20%2F%3E3.3.3%20Audit%20event%20reviews%3CBR%20%2F%3E3.3.4%20Audit%20failure%20alerts%3CBR%20%2F%3E3.3.5%20Audit%20event%20monitoring%3CBR%20%2F%3E3.3.6%20On-demand%20audit%20analysis%20and%20reporting%3CBR%20%2F%3E3.3.7%20Time%20synchronization%3CBR%20%2F%3E3.3.8%20Protect%20audit%20information%20and%20tools%3CBR%20%2F%3E3.3.9%20Limit%20audit%20management%20users%3CBR%20%2F%3E3.4.6%20Least%20functionality%3CBR%20%2F%3E3.4.7%20Nonessential%20functions%20ports%20protocols%20and%20services%3CBR%20%2F%3E3.4.8%20Default%20deny%3CBR%20%2F%3E3.4.9%20Control%20and%20monitor%20user%20installed%20software.%3CBR%20%2F%3E3.5.6%20Identifier%20inactivity%3CBR%20%2F%3E3.8.7%20Removable%20media%3CBR%20%2F%3E3.11.2%20Vulnerability%20scanning%3CBR%20%2F%3E3.11.3%20Vulnerability%20remediation%3CBR%20%2F%3E3.12.3%20Control%20effectiveness%3CBR%20%2F%3E3.13.1%20Boundary%20protection%3CBR%20%2F%3E3.13.13%20Mobile%20code%3CBR%20%2F%3E3.14.1%20Flaw%20handling%3CBR%20%2F%3E3.14.3%20Alert%20monitoring%3CBR%20%2F%3E3.14.4%20Protection%20updates%3CBR%20%2F%3E3.14.5%20File%20and%20malware%20scanning%3CBR%20%2F%3E3.14.6%20Traffic%20monitoring%3CBR%20%2F%3E3.14.7%20Unauthorized%20use%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3266278%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECompliance%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Contributor

Has anyone created any workbooks for NIST 800-171?

for example here's a list of NIST controls and related reports of interest:

3.1.1 Limit system access to authorized users
3.1.6 Use of non-privileged accounts
3.1.7 Prevention of privileged functions
3.1.8 Unsuccessful logon attempts
3.1.12 Monitor remote access
3.1.20 Use of external systems
3.1.21 Portable storage
3.3.1 Create protect and retain audit records
3.3.2 User action audit
3.3.3 Audit event reviews
3.3.4 Audit failure alerts
3.3.5 Audit event monitoring
3.3.6 On-demand audit analysis and reporting
3.3.7 Time synchronization
3.3.8 Protect audit information and tools
3.3.9 Limit audit management users
3.4.6 Least functionality
3.4.7 Nonessential functions ports protocols and services
3.4.8 Default deny
3.4.9 Control and monitor user installed software.
3.5.6 Identifier inactivity
3.8.7 Removable media
3.11.2 Vulnerability scanning
3.11.3 Vulnerability remediation
3.12.3 Control effectiveness
3.13.1 Boundary protection
3.13.13 Mobile code
3.14.1 Flaw handling
3.14.3 Alert monitoring
3.14.4 Protection updates
3.14.5 File and malware scanning
3.14.6 Traffic monitoring
3.14.7 Unauthorized use

0 Replies