IBM Cloud Docs
SI-4 (4) - Inbound and Outbound Communications Traffic

SI-4 (4) - Inbound and Outbound Communications Traffic

Control requirements

SI-4 (4) (a)

Determine criteria for unusual or unauthorized activities or conditions for inbound and outbound communications traffic.

SI-4 (4) (b)

Monitor inbound and outbound communications traffic [IBM Assignment: continuously] for [Assignment: organization-defined unusual or unauthorized activities or conditions].

NIST supplemental guidance

Unusual or unauthorized activities or conditions related to system inbound and outbound communications traffic includes internal traffic that indicates the presence of malicious code or unauthorized use of legitimate code or credentials within organizational systems or propagating among system components, signaling to external systems, and the unauthorized exporting of information. Evidence of malicious code or unauthorized use of legitimate code or credentials is used to identify potentially compromised systems or system components.