800-53|SC-6

Title

RESOURCE AVAILABILITY

Description

The information system protects the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (one or more); priority; quota; [Assignment: organization-defined security safeguards]].

Supplemental

Priority protection helps prevent lower-priority processes from delaying or interfering with the information system servicing any higher-priority processes. Quotas prevent users or processes from obtaining more than predetermined amounts of resources. This control does not apply to information system components for which there are only single users/roles.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Priority: P0

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.1 Set 'Mailbox quotas: Issue warning at' to '1991680'	Windows	CIS Microsoft Exchange Server 2013 Mailbox v1.1.0
2.1 Set 'Mailbox quotas: Issue warning at' to '1991680'	Windows	CIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.2 Set 'Mailbox quotas: Prohibit send and receive at' to '2411520'	Windows	CIS Microsoft Exchange Server 2013 Mailbox v1.1.0
2.2 Set 'Mailbox quotas: Prohibit send and receive at' to '2411520'	Windows	CIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.3 Set 'Mailbox quotas: Prohibit send at' to '2097152'	Windows	CIS Microsoft Exchange Server 2013 Mailbox v1.1.0
2.3 Set 'Mailbox quotas: Prohibit send at' to '2097152'	Windows	CIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.7 Set default ulimit as appropriate - default-ulimit	Unix	CIS Docker 1.12.0 v1.0.0 L1 Docker
2.7 Set default ulimit as appropriate - default-ulimit	Unix	CIS Docker 1.11.0 v1.0.0 L1 Docker
2.10 Set default ulimit as appropriate '--default-ulimit'	Unix	CIS Docker 1.6 v1.0.0 L1 Docker
2.14 Enable live restore	Unix	CIS Docker 1.13.0 v1.0.0 L1 Docker
2.14 Enable live restore	Unix	CIS Docker 1.12.0 v1.0.0 L1 Docker
2.14 Ensure live restore is Enabled	Unix	CIS Docker Community Edition v1.1.0 L1 Docker
5.10 Limit memory usage for container	Unix	CIS Docker 1.12.0 v1.0.0 L1 Docker
5.10 Limit memory usage for container	Unix	CIS Docker 1.11.0 v1.0.0 L1 Docker
5.12 Set container CPU priority appropriately	Unix	CIS Docker 1.6 v1.0.0 L1 Docker
5.18 Override default ulimit at runtime only if needed	Unix	CIS Docker 1.12.0 v1.0.0 L1 Docker
5.18 Override default ulimit at runtime only if needed	Unix	CIS Docker 1.11.0 v1.0.0 L1 Docker
8.5.1 Prevent virtual machines from taking over resources - CPU Share Level	VMware	CIS VMware ESXi 5.1 v1.0.1 Level 1
8.5.1 Prevent virtual machines from taking over resources - CPU Share Level	VMware	CIS VMware ESXi 5.5 v1.2.0 Level 2
8.5.1 Prevent virtual machines from taking over resources - Num CPU Shares	VMware	CIS VMware ESXi 5.1 v1.0.1 Level 2
8.5.1 Prevent virtual machines from taking over resources - Num Mem Shares	VMware	CIS VMware ESXi 5.5 v1.2.0 Level 2
8.5.1 Prevent virtual machines from taking over resources - Num Mem Shares	VMware	CIS VMware ESXi 5.1 v1.0.1 Level 1
Enable QoS on all VM guests	Unix	TNS Citrix Hypervisor
Firewall Filter - Rate-limit authorized protocols using policers	Juniper	Juniper Hardening JunOS 12 Devices Checklist
Firewall Filter - Rate-limit SYN packets to protect against a SYN flood attack	Juniper	Juniper Hardening JunOS 12 Devices Checklist
Snapshots are not present	Unix	TNS Citrix Hypervisor
SQL2-00-022400 - SQL Server must ensure, if Database Availability Groups are being used and there is a server failure, that none of the potential failover servers would suffer from resource exhaustion.	MS_SQLDB	DISA STIG SQL Server 2012 DB Instance Security v1r20
WG110 A22 - The number of allowed simultaneous requests must be set.	Unix	DISA STIG Apache Site 2.2 Unix v1r11
WG110 A22 - The number of allowed simultaneous requests must be set.	Unix	DISA STIG Apache Site 2.2 Unix v1r11 Middleware

Detections

Analytics