{"id":1890,"date":"2024-08-27T16:25:30","date_gmt":"2024-08-27T16:25:30","guid":{"rendered":"https:\/\/www.tarleton.edu\/security-controls-catalog\/?page_id=1890"},"modified":"2024-09-04T18:18:56","modified_gmt":"2024-09-04T18:18:56","slug":"si-4-system-monitoring","status":"publish","type":"page","link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/system-and-information-integrity-si\/si-4-system-monitoring\/","title":{"rendered":"SI-4: System Monitoring"},"content":{"rendered":"\n<h1 class=\"wp-block-heading has-large-font-size\">SI-4: System Monitoring<\/h1>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>NIST Baseline: <\/strong>Low&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>DIR Required By:<\/strong> &nbsp;07\/20\/2023&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>TAMUS Required By:<\/strong> 08\/01\/2022&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Review Date: &nbsp;<\/strong>08\/22\/2024&nbsp;<\/h2>\n\n\n\n<ul class=\"wp-block-list its-nested-list\">\n<li>The Tarleton State University (Tarleton) Chief Information Security Officer (CISO) or their designee is responsible for implementing information security monitoring.&nbsp; The Tarleton Office of Innovative Technology Solutions (OITS) Security Team assists the CISO with network security monitoring and any other security monitoring needed across Tarleton information resources must be coordinated through the OITS \u2013 Security Team and CISO, as needed. &nbsp;<\/li>\n\n\n\n<li>High and Moderate Impact information resources must be monitored to detect: &nbsp;\n<ul class=\"wp-block-list\">\n<li>Attacks and indicators of potential attacks; &nbsp;<\/li>\n\n\n\n<li>Unauthorized local, network, and remote connections; &nbsp;<\/li>\n\n\n\n<li>Unauthorized access or use; &nbsp;<\/li>\n\n\n\n<li>Attempts to deny service or degrade the performance; and&nbsp;<\/li>\n\n\n\n<li>Automated tools should be used where deemed beneficial.&nbsp;<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Low Impact information resources can enable operating system logging features and other security monitoring features when necessary.&nbsp;<\/li>\n\n\n\n<li>Logs and other data generated by security monitoring should be reviewed and analyzed periodically based on risk management decisions by the system administrator in coordination with the CISO and OITS Security Team. &nbsp;<\/li>\n\n\n\n<li>Any significant security issues discovered and\/or signs of unauthorized activity will be reported following <a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/incident-response-ir\/ir-6-incident-reporting\/\">Control IR-6, Incident Reporting<\/a>.\u00a0<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>References\/Additional Resources<\/strong><\/h3>\n\n\n\n<p><a href=\"https:\/\/www.federalregister.gov\/documents\/2016\/07\/28\/2016-17872\/revision-of-omb-circular-no-a-130-managing-information-as-a-strategic-resource\" target=\"_blank\" rel=\"noreferrer noopener\">OMB A-130<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/fips\/140-3\/final\" target=\"_blank\" rel=\"noreferrer noopener\">FIPS 140-3<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/61\/r2\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-61-2<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/83\/r1\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-83-1<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/92\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-92<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/94\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-94<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/137\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-137<\/a>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SI-4: System Monitoring NIST Baseline: Low&nbsp; DIR Required By: &nbsp;07\/20\/2023&nbsp; TAMUS Required By: 08\/01\/2022&nbsp; Review Date: &nbsp;08\/22\/2024&nbsp; References\/Additional Resources OMB A-130&nbsp; FIPS 140-3&nbsp; SP 800-61-2&nbsp; SP 800-83-1&nbsp; SP 800-92&nbsp; SP &#8230;<\/p>\n","protected":false},"author":1,"featured_media":580,"parent":1981,"menu_order":4,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"class_list":["post-1890","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"coauthors":[],"author_meta":{"author_link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/author\/brian-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-3\/","display_name":"brian"},"relative_dates":{"created":"Posted 2 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on August 27, 2024","modified":"Updated on September 4, 2024"},"absolute_dates_time":{"created":"Posted on August 27, 2024 4:25 pm","modified":"Updated on September 4, 2024 6:18 pm"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1890","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/comments?post=1890"}],"version-history":[{"count":0,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1890\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1981"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/media?parent=1890"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}