Title
ANALYZE COMMUNICATIONS TRAFFIC ANOMALIES
Description
The organization analyzes outbound communications traffic at the external boundary of the information system and selected [Assignment: organization-defined interior points within the system (e.g., subnetworks, subsystems)] to discover anomalies.
Supplemental
Anomalies within organizational information systems include, for example, large file transfers, long-time persistent connections, unusual protocols and ports in use, and attempted communications with suspected malicious external addresses.
Reference Item Details
Category: SYSTEM AND INFORMATION INTEGRITY
Parent Title: INFORMATION SYSTEM MONITORING
Family: SYSTEM AND INFORMATION INTEGRITY