800-53|AC-23

Title

DATA MINING PROTECTION

Description

The organization employs [Assignment: organization-defined data mining prevention and detection techniques] for [Assignment: organization-defined data storage objects] to adequately detect and protect against data mining.

Supplemental

Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: (i) limiting the types of responses provided to database queries; (ii) limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and (iii) notifying organizational personnel when atypical database queries or accesses occur. This control focuses on the protection of organizational information from data mining while such information resides in organizational data stores. In contrast, AU-13 focuses on monitoring for organizational information that may have been mined or otherwise obtained from data stores and is now available as open source information residing on external sites, for example, through social networking or social media websites.

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Priority: P0

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AS24-U2-000680 - The Apache web server must restrict inbound connections from nonsecure zones.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-U2-000680 - The Apache web server must restrict inbound connections from nonsecure zones.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
F5BI-AS-000157 - To protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000159 - To protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code when providing content filtering to virtual servers.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000161 - To protect against data mining, The BIG-IP ASM module must be configured to prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields when providing content filtering to virtual servers.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000163 - To protect against data mining, The BIG-IP ASM module must be configured to detect code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000165 - To protect against data mining, The BIG-IP ASM module must be configured to detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields when providing content filtering to virtual servers.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000167 - The BIG-IP ASM module must be configured to detect code injection attacks launched against application objects including, at a minimum, application URLs and application code, when providing content filtering to virtual servers.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-LT-000157 - To protect against data mining, the BIG-IP Core implementation must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000159 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000161 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent SQL injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, and database fields.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000163 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to detect code injection attacks being launched against data storage objects.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000165 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to detect SQL injection attacks being launched against data storage objects, including, at a minimum, databases, database records, and database fields.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000167 - The BIG-IP Core implementation must be configured to detect code injection attacks being launched against application objects, including, at a minimum, application URLs and application code, when providing content filtering to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
JUSX-IP-000011 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.JuniperDISA Juniper SRX Services Gateway IDPS v2r1
JUSX-IP-000012 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code.JuniperDISA Juniper SRX Services Gateway IDPS v2r1
JUSX-IP-000013 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.JuniperDISA Juniper SRX Services Gateway IDPS v2r1
JUSX-IP-000014 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.JuniperDISA Juniper SRX Services Gateway IDPS v2r1
JUSX-IP-000015 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect code injection attacks launched against application objects, including, at a minimum, application URLs and application code.JuniperDISA Juniper SRX Services Gateway IDPS v2r1
JUSX-IP-000016 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.JuniperDISA Juniper SRX Services Gateway IDPS v2r1
PANW-AG-000080 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Palo_AltoDISA STIG Palo Alto ALG v3r1
PANW-AG-000081 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.Palo_AltoDISA STIG Palo Alto ALG v3r1
PANW-IP-000032 - To protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.Palo_AltoDISA STIG Palo Alto IDPS v3r1