Date: Dec 22, 2024, 11:11:50 AM
Date: Jul 7, 2021, 4:37:16 PM
Editor:
Editor: S3cN3tSys
Name:
Name: CIS Controls v8 safeguards
Description:
Description: CIS Controls are a prioritized set of Safeguards to mitigate the most prevalent cyber-attacks against systems and networks. Format of the recommendations: code: concatenation of - safeguard identifier - asset Type: Devices, Applications, Data Network, Users or N/A - security function: Identify, Protect, Detect, Respond or Recover - minimal implementation group: IG1, IG2, IG3 description: concatenation of - control - safeguard title

t1{}t1{
2    "authors": [
3        "S3cN3tSys"
4    ],
5    "label": "CIS Controls v8 safeguards",
6    "language": "EN",
7    "refs": [
8        "https://www.cisecurity.org/controls/v8/"
9    ],
10    "uuid": "e104cdf4-2fff-4989-9636-c16ddd8b2a78",
11    "values": [
12        {
13            "code": "1.1-Devices-Identify-IG1",
14            "description": "Inventory and control of enterprise assets-Establish and maintain detailed enterprise asset inventory",
15            "importance": 0,
16            "uuid": "bddbfd9a-bd01-4818-9b0f-59b876243c90"
17        },
18        {
19            "code": "1.2-Devices-Respond-IG1",
20            "description": "Inventory and control of enterprise assets-Address unauthorized assets",
21            "importance": 0,
22            "uuid": "df7b8cf0-93ef-49ce-bb41-3ae405ed0953"
23        },
24        {
25            "code": "1.3-Devices-Detect-IG2",
26            "description": "Inventory and control of enterprise assets-Utilize an active discovery tool",
27            "importance": 0,
28            "uuid": "0a290b75-f9a0-4103-a5ee-95900765c420"
29        },
30        {
31            "code": "1.4-Devices-Identify-IG2",
32            "description": "Inventory and control of enterprise assets-Use dynamic host configuration protocol (DHCP) logging to update enterprise asset inventory",
33            "importance": 0,
34            "uuid": "b511f821-a439-4591-b3ae-018e4669ecd2"
35        },
36        {
37            "code": "1.5-Devices-Detect-IG3",
38            "description": "Inventory and control of enterprise assets-Use a passive asset discovery tool",
39            "importance": 0,
40            "uuid": "e087cb99-8458-46e9-a685-d8b9c1d90309"
41        },
42        {
43            "code": "10.1-Devices-Protect-IG1",
44            "description": "Malware defenses-Deploy and maintain anti-malware software",
45            "importance": 0,
46            "uuid": "3dc09e1e-964f-465d-81b3-e7bee3dc4fc2"
47        },
48        {
49            "code": "10.2-Devices-Protect-IG1",
50            "description": "Malware defenses-Configure automatic anti-malware signature updates",
51            "importance": 0,
52            "uuid": "d6c49f98-6204-42e6-a1f4-f0f7206e2485"
53        },
54        {
55            "code": "10.3-Devices-Protect-IG1",
56            "description": "Malware defenses-Disable autorun and autoplay for removable media",
57            "importance": 0,
58            "uuid": "d25cd6be-da2a-4262-9949-168cdd555c36"
59        },
60        {
61            "code": "10.4-Devices-Detect-IG2",
62            "description": "Malware defenses-Configure automatic anti-malware scanning of removable media",
63            "importance": 0,
64            "uuid": "0f85c704-796b-4620-ab3b-307d870cf02e"
65        },
66        {
67            "code": "10.5-Devices-Protect-IG2",
68            "description": "Malware defenses-Enable anti-exploitation features",
69            "importance": 0,
70            "uuid": "71bcef8a-b0f9-4a9d-8736-7106eed100aa"
71        },
72        {
73            "code": "10.6-Devices-Protect-IG2",
74            "description": "Malware defenses-Centrally manage anti-malware software",
75            "importance": 0,
76            "uuid": "992326df-4230-4411-8369-271031da8fd3"
77        },
78        {
79            "code": "10.7-Devices-Detect-IG2",
80            "description": "Malware defenses-Use behavior-based anti-malware software",
81            "importance": 0,
82            "uuid": "5ff9342c-ef4b-4a94-846b-116449b816cc"
83        },
84        {
85            "code": "11.1-Data-Recover-IG1",
86            "description": "Data recovery-Establish and maintain a data recovery process",
87            "importance": 0,
88            "uuid": "a13ea0ef-ffb0-40b1-ad2a-12575023abc3"
89        },
90        {
91            "code": "11.2-Data-Recover-IG1",
92            "description": "Data recovery-Perform automated backups",
93            "importance": 0,
94            "uuid": "5d962f76-f06c-4ac8-8719-1e076bc045fa"
95        },
96        {
97            "code": "11.3-Data-Protect-IG1",
98            "description": "Data recovery-Protect recovery data",
99            "importance": 0,
100            "uuid": "8f1aea43-f84d-42f8-963b-f022bc26e0f0"
101        },
102        {
103            "code": "11.4-Data-Recover-IG1",
104            "description": "Data recovery-Establish and maintain an isolated instance of recovery data",
105            "importance": 0,
106            "uuid": "1856b595-3895-4dff-9ceb-558abec393f2"
107        },
108        {
109            "code": "11.5-Data-Recover-IG2",
110            "description": "Data recovery-Test data recovery",
111            "importance": 0,
112            "uuid": "d54a8077-661a-4aaa-b90e-f61e23764513"
113        },
114        {
115            "code": "12.1-Network-Protect-IG1",
116            "description": "Network infrastructure management-Ensure network infrastructure is up-to-date",
117            "importance": 0,
118            "uuid": "6f3c9210-54be-4aef-a326-c46389d34e5a"
119        },
120        {
121            "code": "12.2-Network-Protect-IG2",
122            "description": "Network infrastructure management-Establish and maintain a secure network architecture",
123            "importance": 0,
124            "uuid": "3b941a78-f75b-4b7d-9565-c3840af19471"
125        },
126        {
127            "code": "12.3-Network-Protect-IG2",
128            "description": "Network infrastructure management-Securely manage network infrastructure",
129            "importance": 0,
130            "uuid": "b3a03b9b-5f74-4a5b-9043-8662221dcde5"
131        },
132        {
133            "code": "12.4-Network-Identify-IG2",
134            "description": "Network infrastructure management-Establish and maintain architecture diagram(s)",
135            "importance": 0,
136            "uuid": "d6bb7326-163d-4c9d-a94c-f910a345cc55"
137        },
138        {
139            "code": "12.5-Network-Protect-IG2",
140            "description": "Network infrastructure management-Centralize network authentication; authorization; and auditing (AAA)",
141            "importance": 0,
142            "uuid": "bb69f5e6-5745-4a70-b863-248ba2a6fae2"
143        },
144        {
145            "code": "12.6-Network-Protect-IG2",
146            "description": "Network infrastructure management-Use of secure network management and communication protocols",
147            "importance": 0,
148            "uuid": "ad65c163-116b-4ff9-afc1-d2986362958c"
149        },
150        {
151            "code": "12.7-Devices-Protect-IG2",
152            "description": "Network infrastructure management-Ensure remote devices utilize a vpn and are connecting to an enterprises aaa infrastructure",
153            "importance": 0,
154            "uuid": "10779a71-e1a5-40bc-8035-65c1e879b3fb"
155        },
156        {
157            "code": "12.8-Devices-Protect-IG3",
158            "description": "Network infrastructure management-Establish and maintain dedicated computing resources for all administrative work",
159            "importance": 0,
160            "uuid": "6b2e129e-7212-418f-b73e-98ece0f5495a"
161        },
162        {
163            "code": "13.1-Network-Detect-IG2",
164            "description": "Network monitoring and defense-Centralize security event alerting",
165            "importance": 0,
166            "uuid": "67f9d216-3a19-41fe-9867-3ad72e46a8e4"
167        },
168        {
169            "code": "13.1-Network-Protect-IG2",
170            "description": "Network monitoring and defense-Perform application layer filtering",
171            "importance": 0,
172            "uuid": "7ceb6e84-5b91-4768-bac2-f5f378b17d39"
173        },
174        {
175            "code": "13.11-Network-Detect-IG3",
176            "description": "Network monitoring and defense-Tune security event alerting thresholds",
177            "importance": 0,
178            "uuid": "c36588b7-3795-4d29-aeb1-cad9779e071e"
179        },
180        {
181            "code": "13.2-Devices-Detect-IG2",
182            "description": "Network monitoring and defense-Deploy a host-based intrusion detection solution",
183            "importance": 0,
184            "uuid": "8b0e9aa6-563d-4932-b84e-42f7f5fa4b66"
185        },
186        {
187            "code": "13.3-Network-Detect-IG2",
188            "description": "Network monitoring and defense-Deploy a network intrusion detection solution",
189            "importance": 0,
190            "uuid": "8ad4ac5f-27d8-4088-8fdf-428dbca182ef"
191        },
192        {
193            "code": "13.4-Network-Protect-IG2",
194            "description": "Network monitoring and defense-Perform traffic filtering between network segments",
195            "importance": 0,
196            "uuid": "926bbf48-ac93-47b4-9c88-e18f3d2e0dd5"
197        },
198        {
199            "code": "13.5-Devices-Protect-IG2",
200            "description": "Network monitoring and defense-Manage access control for remote assets",
201            "importance": 0,
202            "uuid": "077f28d8-ad9f-429d-96dc-31f91b7daf3c"
203        },
204        {
205            "code": "13.6-Network-Detect-IG2",
206            "description": "Network monitoring and defense-Collect network traffic flow logs ",
207            "importance": 0,
208            "uuid": "db99bd9e-2b52-4513-9385-7ccb7fec8325"
209        },
210        {
211            "code": "13.7-Devices-Protect-IG3",
212            "description": "Network monitoring and defense-Deploy a host-based intrusion prevention solution",
213            "importance": 0,
214            "uuid": "8fc8c868-4a72-4a49-af62-01b0b7931475"
215        },
216        {
217            "code": "13.8-Network-Protect-IG3",
218            "description": "Network monitoring and defense-Deploy a network intrusion prevention solution",
219            "importance": 0,
220            "uuid": "ed739bd6-2fce-416c-a24a-9a85d0a205d0"
221        },
222        {
223            "code": "13.9-Devices-Protect-IG3",
224            "description": "Network monitoring and defense-Deploy port-level access control",
225            "importance": 0,
226            "uuid": "d97e7de7-32d7-45bd-a149-c60c68b205a1"
227        },
228        {
229            "code": "14.1-N/A-Protect",
230            "description": "Security awareness and skills training-Establish and maintain a security awareness program",
231            "importance": 0,
232            "uuid": "242c4eef-df6b-4111-b443-c748405d7612"
233        },
234        {
235            "code": "14.2-N/A-Protect",
236            "description": "Security awareness and skills training-Train workforce members to recognize social engineering attacks",
237            "importance": 0,
238            "uuid": "f9f5f9e1-2909-467a-995f-6aa98e5d5c64"
239        },
240        {
241            "code": "14.3-N/A-Protect",
242            "description": "Security awareness and skills training-Train workforce members on authentication best practices",
243            "importance": 0,
244            "uuid": "7c0e7f6a-7e63-4837-b1af-64fc4a33094e"
245        },
246        {
247            "code": "14.4-N/A-Protect",
248            "description": "Security awareness and skills training-Train workforce on data handling best practices",
249            "importance": 0,
250            "uuid": "4d0e4320-e854-4787-ac37-d9781582481b"
251        },
252        {
253            "code": "14.5-N/A-Protect",
254            "description": "Security awareness and skills training-Train workforce members on causes of unintentional data exposure",
255            "importance": 0,
256            "uuid": "f6d1f4bf-74ff-4075-ba11-e143a0606193"
257        },
258        {
259            "code": "14.6-N/A-Protect",
260            "description": "Security awareness and skills training-Train workforce members on recognizing and reporting security incidents",
261            "importance": 0,
262            "uuid": "41304900-8386-4462-b6e5-ab24aed576fd"
263        },
264        {
265            "code": "14.7-N/A-Protect",
266            "description": "Security awareness and skills training-Train workforce on how to identify and report if their enterprise assets are missing security updates",
267            "importance": 0,
268            "uuid": "6a408e9a-eddf-4500-a06c-77fd5e40ceac"
269        },
270        {
271            "code": "14.8-N/A-Protect",
272            "description": "Security awareness and skills training-Train workforce on the dangers of connecting to and transmitting enterprise data over insecure networks",
273            "importance": 0,
274            "uuid": "675cfd37-7f0e-428d-9897-17e599b359e2"
275        },
276        {
277            "code": "14.9-N/A-Protect",
278            "description": "Security awareness and skills training-Conduct role-specific security awareness and skills training",
279            "importance": 0,
280            "uuid": "635b5ea6-fac3-4ce0-a2a5-c52d45e45567"
281        },
282        {
283            "code": "15.1-N/A-Identify",
284            "description": "Service provider management-Establish and maintain an inventory of service providers",
285            "importance": 0,
286            "uuid": "9a93ac72-5e01-40c8-aa59-15ce818dfc9e"
287        },
288        {
289            "code": "15.2-N/A-Identify",
290            "description": "Service provider management-Establish and maintain a service provider management policy",
291            "importance": 0,
292            "uuid": "3cc0492c-aef0-43e8-a204-518c85e16bfb"
293        },
294        {
295            "code": "15.3-N/A-Identify",
296            "description": "Service provider management-Classify service providers",
297            "importance": 0,
298            "uuid": "4679c841-a248-4acd-9546-4c0b296667b3"
299        },
300        {
301            "code": "15.4-N/A-Protect",
302            "description": "Service provider management-Ensure service provider contracts include security requirements",
303            "importance": 0,
304            "uuid": "c5899967-df04-4c30-88f2-9a5063fa9fc0"
305        },
306        {
307            "code": "15.5-N/A-Identify",
308            "description": "Service provider management-Assess service providers",
309            "importance": 0,
310            "uuid": "306e2298-b1b3-403f-8bb0-0ace52e2ada2"
311        },
312        {
313            "code": "15.6-Data-Detect-IG3",
314            "description": "Service provider management-Monitor service providers",
315            "importance": 0,
316            "uuid": "2401973b-c535-4e04-b7b6-2e5411b41a84"
317        },
318        {
319            "code": "15.7-Data-Protect-IG3",
320            "description": "Service provider management-Securely decommission service providers",
321            "importance": 0,
322            "uuid": "d11c9f97-a848-4c18-9153-e0ca31f2dd3c"
323        },
324        {
325            "code": "16.1-Applications-Protect-IG2",
326            "description": "Application software security-Establish and maintain a secure application developmentprocess",
327            "importance": 0,
328            "uuid": "db784c45-c0b9-43bd-8643-e43fdbb4c437"
329        },
330        {
331            "code": "16.10-Applications-Protect-IG2",
332            "description": "Application software security-Apply secure design principles in application architectures",
333            "importance": 0,
334            "uuid": "d93d03cd-205d-4ac6-b1a1-ccd278a8061d"
335        },
336        {
337            "code": "16.11-Applications-Protect-IG2",
338            "description": "Application software security-Leverage vetted modules or services for application security components",
339            "importance": 0,
340            "uuid": "811f7d98-b355-48bf-bb99-d760dfbdcfc6"
341        },
342        {
343            "code": "16.12-Applications-Protect-IG3",
344            "description": "Application software security-Implement code-level security checks",
345            "importance": 0,
346            "uuid": "17376129-173e-4ca8-8f7c-033b70fb2001"
347        },
348        {
349            "code": "16.13-Applications-Protect-IG3",
350            "description": "Application software security-Conduct application penetration testing",
351            "importance": 0,
352            "uuid": "53c61b03-34bf-41b7-9739-7be444b7467f"
353        },
354        {
355            "code": "16.14-Applications-Protect-IG3",
356            "description": "Application software security-Conduct threat modeling",
357            "importance": 0,
358            "uuid": "113cd8a0-199c-4af4-9fb9-9d039513d08f"
359        },
360        {
361            "code": "16.2-Applications-Protect-IG2",
362            "description": "Application software security-Establish and maintain a process to accept and address software vulnerabilities",
363            "importance": 0,
364            "uuid": "074c5418-aae7-41df-854e-909ccb91d469"
365        },
366        {
367            "code": "16.3-Applications-Protect-IG2",
368            "description": "Application software security-Perform root cause analysis on security vulnerabilities",
369            "importance": 0,
370            "uuid": "59ef8b71-f972-47dc-be03-0f8b25dfbe80"
371        },
372        {
373            "code": "16.4-Applications-Protect-IG2",
374            "description": "Application software security-Establish and manage an inventory of third-party software components",
375            "importance": 0,
376            "uuid": "10df85b2-f5e4-48ec-8ff6-ea9e33bd7a3d"
377        },
378        {
379            "code": "16.5-Applications-Protect-IG2",
380            "description": "Application software security-Use up-to-date and trusted third-party software components",
381            "importance": 0,
382            "uuid": "5cb4fd72-aefd-4d91-a551-85ab75b0fa95"
383        },
384        {
385            "code": "16.6-Applications-Protect-IG2",
386            "description": "Application software security-Establish and maintain a severity rating system and process for application vulnerabilities",
387            "importance": 0,
388            "uuid": "40780741-bf90-49d0-8cae-8b79b9c67688"
389        },
390        {
391            "code": "16.7-Applications-Protect-IG2",
392            "description": "Application software security-Use standard hardening configuration templates for application infrastructure",
393            "importance": 0,
394            "uuid": "08765a85-badb-4064-afd2-0a5f44191c09"
395        },
396        {
397            "code": "16.8-Applications-Protect-IG2",
398            "description": "Application software security-Separate production and non-production systems",
399            "importance": 0,
400            "uuid": "93648fa0-22f5-48db-902b-ea183636ee60"
401        },
402        {
403            "code": "16.9-Applications-Protect-IG2",
404            "description": "Application software security-Train developers in application security concepts and secure coding",
405            "importance": 0,
406            "uuid": "cf064702-2b50-4584-ad85-b0906fc2cd41"
407        },
408        {
409            "code": "17.1-N/A-Respond",
410            "description": "Incident response management-Designate personnel to manage incident handling",
411            "importance": 0,
412            "uuid": "21ef0712-1c11-41ee-8779-1df154ba60c0"
413        },
414        {
415            "code": "17.2-N/A-Respond",
416            "description": "Incident response management-Establish and maintain contact information for reporting security incidents",
417            "importance": 0,
418            "uuid": "63e7f08e-97f8-4158-bda4-236b90c1e3bc"
419        },
420        {
421            "code": "17.3-N/A-Respond",
422            "description": "Incident response management-Establish and maintain an enterprise process for reporting incidents",
423            "importance": 0,
424            "uuid": "803cce36-fdf0-40c6-b307-f599d1d2dd7b"
425        },
426        {
427            "code": "17.4-N/A-Respond",
428            "description": "Incident response management-Establish and maintain an incident response process",
429            "importance": 0,
430            "uuid": "28a2bd0e-963a-4136-a2ca-97aaeb464730"
431        },
432        {
433            "code": "17.5-N/A-Respond",
434            "description": "Incident response management-Assign key roles and responsibilities",
435            "importance": 0,
436            "uuid": "5ffc1ef8-c708-437d-92ed-47a4c009c707"
437        },
438        {
439            "code": "17.6-N/A-Respond",
440            "description": "Incident response management-Define mechanisms for communicating during incident response",
441            "importance": 0,
442            "uuid": "705f68b7-b2e7-4fc1-8fc2-6f5ca2c907fb"
443        },
444        {
445            "code": "17.7-N/A-Recover",
446            "description": "Incident response management-Conduct routine incident response exercises",
447            "importance": 0,
448            "uuid": "c4cd4c54-ef9b-4772-b38a-637beb606327"
449        },
450        {
451            "code": "17.8-N/A-Recover",
452            "description": "Incident response management-Conduct post-incident reviews",
453            "importance": 0,
454            "uuid": "eb3a14e8-43c9-4a37-af9d-210413259eb3"
455        },
456        {
457            "code": "17.9-N/A-Recover",
458            "description": "Incident response management-Establish and maintain security incident thresholds",
459            "importance": 0,
460            "uuid": "e3484c4b-6fdf-48a8-ba77-91f4f2385daa"
461        },
462        {
463            "code": "18.1-N/A-Identify",
464            "description": "Penetration testing-Establish and maintain a penetration testing program",
465            "importance": 0,
466            "uuid": "52057c66-fefe-40b9-a176-3eec10c0ab06"
467        },
468        {
469            "code": "18.2-Network-Identify-IG2",
470            "description": "Penetration testing-Perform periodic external penetration tests",
471            "importance": 0,
472            "uuid": "d39d0f22-cdbb-4577-9285-1de2a6f7036b"
473        },
474        {
475            "code": "18.3-Network-Protect-IG2-IG1",
476            "description": "Penetration testing-Remediate penetration test findings",
477            "importance": 0,
478            "uuid": "c0d370ca-5c25-4c22-becc-79516a026298"
479        },
480        {
481            "code": "18.4-Network-Protect-IG3-IG2",
482            "description": "Penetration testing-Validate security measures",
483            "importance": 0,
484            "uuid": "3eee979d-2e78-4b4f-aaa1-701a1eb81bd3"
485        },
486        {
487            "code": "18.5-N/A-Identify",
488            "description": "Penetration testing-Perform periodic internal penetration tests",
489            "importance": 0,
490            "uuid": "8bf03dd7-9b05-4d90-9e78-b8745eb163fa"
491        },
492        {
493            "code": "2.1-Applications-Identify-IG1",
494            "description": "Inventory and control of software assets-Establish and maintain a software inventory",
495            "importance": 0,
496            "uuid": "cb300188-2a2a-47aa-a5d1-89292844d692"
497        },
498        {
499            "code": "2.2-Applications-Identify-IG1",
500            "description": "Inventory and control of software assets-Ensure authorized software is currently supported ",
501            "importance": 0,
502            "uuid": "5b7c6e6c-a603-4c92-9721-a8a24177cbaa"
503        },
504        {
505            "code": "2.3-Applications-Respond-IG1",
506            "description": "Inventory and control of software assets-Address unauthorized software",
507            "importance": 0,
508            "uuid": "93befead-5a8f-4df7-91a2-b23e3f922f48"
509        },
510        {
511            "code": "2.4-Applications-Detect-IG2",
512            "description": "Inventory and control of software assets-Utilize automated software inventory tools",
513            "importance": 0,
514            "uuid": "155fea9b-0ca0-4c3a-9414-91928f7af662"
515        },
516        {
517            "code": "2.5-Applications-Protect-IG2",
518            "description": "Inventory and control of software assets-Allowlist authorized software",
519            "importance": 0,
520            "uuid": "b6772c6b-9654-4467-a149-696f82947075"
521        },
522        {
523            "code": "2.6-Applications-Protect-IG2",
524            "description": "Inventory and control of software assets-Allowlist authorized libraries",
525            "importance": 0,
526            "uuid": "4a7cc9ba-ae68-41c7-8a96-f4ebbe452acf"
527        },
528        {
529            "code": "2.7-Applications-Protect-IG3",
530            "description": "Inventory and control of software assets-Allowlist authorized scripts",
531            "importance": 0,
532            "uuid": "26e285a6-3197-413d-9599-fd466286b958"
533        },
534        {
535            "code": "3.1-Data-Identify-IG1",
536            "description": "Data protection-Establish and maintain a data management process",
537            "importance": 0,
538            "uuid": "514fbadc-c751-4852-9fd6-8351b6054f8d"
539        },
540        {
541            "code": "3.1-Data-Protect-IG1",
542            "description": "Data protection-Encrypt sensitive data in transit",
543            "importance": 0,
544            "uuid": "a243b1de-67d6-463a-9fa8-c424beda6250"
545        },
546        {
547            "code": "3.11-Data-Protect-IG2",
548            "description": "Data protection-Encrypt sensitive data at rest",
549            "importance": 0,
550            "uuid": "da4089a1-4a1e-46c2-aeef-8f502b37ade2"
551        },
552        {
553            "code": "3.12-Network-Protect-IG2",
554            "description": "Data protection-Segment data processing and storage based on sensitivity",
555            "importance": 0,
556            "uuid": "7c72e13e-e088-4e44-9910-c86c3de60d10"
557        },
558        {
559            "code": "3.13-Data-Protect-IG3",
560            "description": "Data protection-Deploy a data loss prevention solution",
561            "importance": 0,
562            "uuid": "0496fa97-cdcb-4199-bec9-973feb9fe8d2"
563        },
564        {
565            "code": "3.14-Data-Detect-IG3",
566            "description": "Data protection-Log sensitive data access",
567            "importance": 0,
568            "uuid": "ccf1033b-824a-438d-b12b-a25e3c7d6684"
569        },
570        {
571            "code": "3.2-Data-Identify-IG1",
572            "description": "Data protection-Establish and maintain a data inventory",
573            "importance": 0,
574            "uuid": "e6452c3e-4246-480d-aa6a-7215203710ad"
575        },
576        {
577            "code": "3.3-Data-Protect-IG1",
578            "description": "Data protection-Configure data access control lists",
579            "importance": 0,
580            "uuid": "1294ffcd-b674-4643-9991-4e7320390122"
581        },
582        {
583            "code": "3.4-Data-Protect-IG1",
584            "description": "Data protection-Enforce data retention",
585            "importance": 0,
586            "uuid": "a70a5a30-b5e5-4ea6-acbe-834746a0fed1"
587        },
588        {
589            "code": "3.5-Data-Protect-IG1",
590            "description": "Data protection-Securely dispose of data",
591            "importance": 0,
592            "uuid": "59984672-7139-45c4-997f-e66feab835a9"
593        },
594        {
595            "code": "3.6-Devices-Protect-IG1",
596            "description": "Data protection-Encrypt data on end-user devices",
597            "importance": 0,
598            "uuid": "f77bf54d-1cda-4dda-aa3f-cb6629029d8c"
599        },
600        {
601            "code": "3.7-Data-Identify-IG2",
602            "description": "Data protection-Establish and maintain a data classification scheme",
603            "importance": 0,
604            "uuid": "99eb13c7-2d8d-4d53-8e19-871214d91f39"
605        },
606        {
607            "code": "3.8-Data-Identify-IG2",
608            "description": "Data protection-Document data flows",
609            "importance": 0,
610            "uuid": "24dc11d3-998b-47ca-b7f4-40310afa3c03"
611        },
612        {
613            "code": "3.9-Data-Protect-IG2",
614            "description": "Data protection-Encrypt data on removable media",
615            "importance": 0,
616            "uuid": "d796c0d3-8205-4732-a3d1-d7832c8a89d5"
617        },
618        {
619            "code": "4.1-Applications-Protect-IG1",
620            "description": "Secure configuration of enterprise assets and software-Establish and maintain a secure configuration process",
621            "importance": 0,
622            "uuid": "eeb97c09-6a2c-412c-87b1-b39df7fa3630"
623        },
624        {
625            "code": "4.1-Devices-Respond-IG1",
626            "description": "Secure configuration of enterprise assets and software-Enforce automatic device lockout on portable end-user devices",
627            "importance": 0,
628            "uuid": "a8f19c86-2de7-4f2a-b444-7a35fedbc9d6"
629        },
630        {
631            "code": "4.11-Devices-Protect-IG2",
632            "description": "Secure configuration of enterprise assets and software-Enforce remote wipe capability on portable end-user devices",
633            "importance": 0,
634            "uuid": "943a0a0e-82e4-4f32-af2c-4bdded48773f"
635        },
636        {
637            "code": "4.12-Devices-Protect-IG3",
638            "description": "Secure configuration of enterprise assets and software-Separate enterprise workspaces on mobile end-user devices",
639            "importance": 0,
640            "uuid": "bde651cc-d6ef-4e2b-ab5e-4aed6699b2e6"
641        },
642        {
643            "code": "4.2-Network-Protect-IG1",
644            "description": "Secure configuration of enterprise assets and software-Establish and maintain a secure configuration process for network infrastructure",
645            "importance": 0,
646            "uuid": "b9766b93-09d4-4b1b-b848-9c03aaeed19b"
647        },
648        {
649            "code": "4.3-Users-Protect-IG1",
650            "description": "Secure configuration of enterprise assets and software-Configure automatic session locking on enterprise assets",
651            "importance": 0,
652            "uuid": "7c0f8833-55f5-44a8-b244-b3beb4b28e4d"
653        },
654        {
655            "code": "4.4-Devices-Protect-IG1",
656            "description": "Secure configuration of enterprise assets and software-Implement and manage a firewall on servers",
657            "importance": 0,
658            "uuid": "28c3e828-507b-4b48-b9a5-98cf200725b0"
659        },
660        {
661            "code": "4.5-Devices-Protect-IG1",
662            "description": "Secure configuration of enterprise assets and software-Implement and manage a firewall on end-user devices",
663            "importance": 0,
664            "uuid": "5b35e2e9-d622-43e2-90d5-9378af88feaa"
665        },
666        {
667            "code": "4.6-Network-Protect-IG1",
668            "description": "Secure configuration of enterprise assets and software-Securely manage enterprise assets and software",
669            "importance": 0,
670            "uuid": "f33e930d-5109-4554-88ce-ea57c3328884"
671        },
672        {
673            "code": "4.7-Users-Protect-IG1",
674            "description": "Secure configuration of enterprise assets and software-Manage default accounts on enterprise assets and software",
675            "importance": 0,
676            "uuid": "b964543d-bf6e-49c6-87c9-4d585bcb8b16"
677        },
678        {
679            "code": "4.8-Devices-Protect-IG2",
680            "description": "Secure configuration of enterprise assets and software-Uninstall or disable unnecessary services on enterprise assets and software",
681            "importance": 0,
682            "uuid": "de1d62d8-b9da-48b7-acd9-317999d9a242"
683        },
684        {
685            "code": "4.9-Devices-Protect-IG2",
686            "description": "Secure configuration of enterprise assets and software-Configure trusted DNS servers on enterprise assets",
687            "importance": 0,
688            "uuid": "a6d7262a-2da6-4228-8032-50ea496ca8d3"
689        },
690        {
691            "code": "5.1-Users-Identify-IG1",
692            "description": "Account management-Establish and maintain an inventory of accounts",
693            "importance": 0,
694            "uuid": "79c1bac9-8681-497d-ae56-b5d7320fcc4e"
695        },
696        {
697            "code": "5.2-Users-Protect-IG1",
698            "description": "Account management-Use unique passwords",
699            "importance": 0,
700            "uuid": "198f625b-65ba-4355-9d12-ca6b4ce63e58"
701        },
702        {
703            "code": "5.3-Users-Respond-IG1",
704            "description": "Account management-Disable dormant accounts",
705            "importance": 0,
706            "uuid": "9f5b502d-96c2-4568-a7e2-9d24eeb54ea7"
707        },
708        {
709            "code": "5.4-Users-Protect-IG1",
710            "description": "Account management-Restrict administrator privileges to dedicated administrator accounts",
711            "importance": 0,
712            "uuid": "efd5342b-ddff-42b0-b5d9-302ece0948c4"
713        },
714        {
715            "code": "5.5-Users-Identify-IG2",
716            "description": "Account management-Establish and maintain an inventory of service accounts",
717            "importance": 0,
718            "uuid": "127d4313-783f-4c3c-ba54-565d8b843dd0"
719        },
720        {
721            "code": "5.6-Users-Protect-IG2",
722            "description": "Account management-Centralize account management",
723            "importance": 0,
724            "uuid": "9a7f9aac-6cc2-4e4e-8470-9d56e8c38cc2"
725        },
726        {
727            "code": "6.1-Users-Protect-IG1",
728            "description": "Access control management-Establish an access granting process",
729            "importance": 0,
730            "uuid": "a45dddcc-87b5-4b3e-8bfb-5e84b556fb45"
731        },
732        {
733            "code": "6.2-Users-Protect-IG1",
734            "description": "Access control management-Establish an access revoking process",
735            "importance": 0,
736            "uuid": "e0100354-04eb-4e4c-91b3-180d5ac0914d"
737        },
738        {
739            "code": "6.3-Users-Protect-IG1",
740            "description": "Access control management-Require MFA for externally-exposed applications",
741            "importance": 0,
742            "uuid": "5df20f59-7c9a-4f73-b93d-06a8d9a6e305"
743        },
744        {
745            "code": "6.4-Users-Protect-IG1",
746            "description": "Access control management-Require MFA for remote network access",
747            "importance": 0,
748            "uuid": "3952da07-2c10-4bfb-922a-4bf7a3efd8a5"
749        },
750        {
751            "code": "6.5-Users-Protect-IG1",
752            "description": "Access control management-Require MFA for administrative access",
753            "importance": 0,
754            "uuid": "feb19850-2fdf-4e3b-b585-1306ec5a6e3e"
755        },
756        {
757            "code": "6.6-Users-Identify-IG2",
758            "description": "Access control management-Establish and maintain an inventory of authentication and authorization systems",
759            "importance": 0,
760            "uuid": "3fcea4a8-7455-4108-9519-d96201946178"
761        },
762        {
763            "code": "6.7-Users-Protect-IG2",
764            "description": "Access control management-Centralize access control",
765            "importance": 0,
766            "uuid": "5d4e75d0-b4a9-407e-97fd-531679846792"
767        },
768        {
769            "code": "6.8-Data-Protect-IG3",
770            "description": "Access control management-Define and maintain role-based access control (RBAC)",
771            "importance": 0,
772            "uuid": "bb855630-0b87-4f53-a47a-3ca2dab1b031"
773        },
774        {
775            "code": "7.1-Applications-Protect-IG1",
776            "description": "Continuous vulnerability management-Establish and maintain a vulnerability management process",
777            "importance": 0,
778            "uuid": "7aa13de2-dc5f-439b-978c-b5560f996618"
779        },
780        {
781            "code": "7.2-Applications-Respond-IG1",
782            "description": "Continuous vulnerability management-Establish and maintain a remediation process",
783            "importance": 0,
784            "uuid": "e7ebffb5-60c8-424a-bee1-a3381548fee4"
785        },
786        {
787            "code": "7.3-Applications-Protect-IG1",
788            "description": "Continuous vulnerability management-Perform automated operating system patch management",
789            "importance": 0,
790            "uuid": "696a813c-bcfd-4232-a5e7-203f15abd40e"
791        },
792        {
793            "code": "7.4-Applications-Protect-IG1",
794            "description": "Continuous vulnerability management-Perform automated application patch management",
795            "importance": 0,
796            "uuid": "dae71e2c-d17e-43fb-8c0a-08833ffd4c4c"
797        },
798        {
799            "code": "7.5-Applications-Identify-IG2",
800            "description": "Continuous vulnerability management-Perform automated vulnerability scans of internal enterprise assets",
801            "importance": 0,
802            "uuid": "4bd271b1-7cb9-487c-aa33-9e9a58333539"
803        },
804        {
805            "code": "7.6-Applications-Identify-IG2",
806            "description": "Continuous vulnerability management-Perform automated vulnerability scans of externally-exposed enterprise assets",
807            "importance": 0,
808            "uuid": "7cfd1b0c-94a2-4758-b560-22559d6ab0aa"
809        },
810        {
811            "code": "7.7-Applications-Respond-IG2",
812            "description": "Continuous vulnerability management-Remediate detected vulnerabilities",
813            "importance": 0,
814            "uuid": "1b2a0f89-eff4-45f6-a4d2-1162b4f9833d"
815        },
816        {
817            "code": "8.1-Network-Protect-IG1",
818            "description": "Audit log management-Establish and maintain an audit log management process",
819            "importance": 0,
820            "uuid": "6587f6b6-8117-4880-9a53-a33d1c45ddac"
821        },
822        {
823            "code": "8.10-Network-Protect-IG2",
824            "description": "Audit log management-Retain audit logs",
825            "importance": 0,
826            "uuid": "d55223d6-9722-4f41-ae68-cd97baaa3efa"
827        },
828        {
829            "code": "8.11-Network-Detect-IG2",
830            "description": "Audit log management-Conduct audit log reviews",
831            "importance": 0,
832            "uuid": "51fddb77-d00e-49d5-b6d5-8cc9aeaf28bf"
833        },
834        {
835            "code": "8.12-Data-Detect-IG3",
836            "description": "Audit log management-Collect service provider logs",
837            "importance": 0,
838            "uuid": "388dda2b-99ed-469b-874f-fb34a8e3da75"
839        },
840        {
841            "code": "8.2-Network-Detect-IG1",
842            "description": "Audit log management-Collect audit logs",
843            "importance": 0,
844            "uuid": "fc1e36ed-edfd-416d-9aa9-3ffe02870e8c"
845        },
846        {
847            "code": "8.3-Network-Protect-IG1",
848            "description": "Audit log management-Ensure adequate audit log storage",
849            "importance": 0,
850            "uuid": "b787f52d-d2b2-468b-95dc-c3d45cb558be"
851        },
852        {
853            "code": "8.4-Network-Protect-IG2",
854            "description": "Audit log management-Standardize time synchronization",
855            "importance": 0,
856            "uuid": "592c3e38-4701-4d48-ae0b-0860d60421e9"
857        },
858        {
859            "code": "8.5-Network-Detect-IG2",
860            "description": "Audit log management-Collect detailed audit logs",
861            "importance": 0,
862            "uuid": "413b6bf4-baa3-460c-ba86-87d8cae5a7f8"
863        },
864        {
865            "code": "8.6-Network-Detect-IG2",
866            "description": "Audit log management-Collect DNS query audit logs",
867            "importance": 0,
868            "uuid": "65b355d4-380a-48bb-8816-a6f8664efa5f"
869        },
870        {
871            "code": "8.7-Network-Detect-IG2",
872            "description": "Audit log management-Collect URL request audit logs",
873            "importance": 0,
874            "uuid": "7872331d-07b1-4f5c-90e3-a6b859e24851"
875        },
876        {
877            "code": "8.8-Devices-Detect-IG2",
878            "description": "Audit log management-Collect command-line audit logs",
879            "importance": 0,
880            "uuid": "43a1cc08-ce70-41a2-8dd9-7570084128b6"
881        },
882        {
883            "code": "8.9-Network-Detect-IG2",
884            "description": "Audit log management-Centralize audit logs",
885            "importance": 0,
886            "uuid": "809ac4bb-bea5-49bb-9f52-9763acad34a3"
887        },
888        {
889            "code": "9.1-Applications-Protect-IG1",
890            "description": "Email and web browser protections-Ensure use of only fully supported browsers and email clients",
891            "importance": 0,
892            "uuid": "3c4d4eaa-adb3-4837-b361-7b7537817172"
893        },
894        {
895            "code": "9.2-Network-Protect-IG1",
896            "description": "Email and web browser protections-Use DNS filtering services",
897            "importance": 0,
898            "uuid": "934174ab-91fc-4792-bdf7-18c69f3e02fe"
899        },
900        {
901            "code": "9.3-Network-Protect-IG2",
902            "description": "Email and web browser protections-Maintain and enforce network-based url filters",
903            "importance": 0,
904            "uuid": "ba8ae738-a5b1-4ceb-90ea-702a613a7721"
905        },
906        {
907            "code": "9.4-Applications-Protect-IG2",
908            "description": "Email and web browser protections-Restrict unnecessary or unauthorized browser and email client extensions",
909            "importance": 0,
910            "uuid": "9e4dd002-04af-44ae-806f-ea57cdfde604"
911        },
912        {
913            "code": "9.5-Network-Protect-IG2",
914            "description": "Email and web browser protections-Implement DMARC",
915            "importance": 0,
916            "uuid": "f58a964d-47a7-47bb-a8c8-95e97f2c874f"
917        },
918        {
919            "code": "9.6-Network-Protect-IG2",
920            "description": "Email and web browser protections-Block unnecessary file types",
921            "importance": 0,
922            "uuid": "5296d4df-1df0-492d-b5fe-a93dfc255fb1"
923        },
924        {
925            "code": "9.7-Network-Protect-IG3",
926            "description": "Email and web browser protections-Deploy and maintain email server anti-malware protections",
927            "importance": 0,
928            "uuid": "a236845e-734b-4632-8b21-4c1d2eb1eff1"
929        }
930    ],
931    "version": 1
932}