SC-05 Denial Of Service Protection
System and Communications Protection
Description
The information system protects against or limits the effects of the following types of denial of service attacks: [Assignment: organization-defined list of types of denial of service attacks or reference to source for current list].
Supplemental Guidance
A variety of technologies exist to limit, or in some cases, eliminate the effects of denial of service attacks. For example, boundary protection devices can filter certain types of packets to protect devices on an organization’s internal network from being directly affected by denial of service attacks. Information systems that are publicly accessible can be protected by employing increased capacity and bandwidth combined with service redundancy.
Changes from Rev 4
Adds 'Selection: protect against; limit the effects of the following types of denial of service events' Changes parameter to specific types of denial of service events Parameter removes 'or reference to sources for such information' Changes control text from 'employing security safeguards' to 'Employ the following controls to achieve the denial of service objective' Discussion amplifies definition of denial of service events
MITRE ATT&CK Techniques (1)
ATT&CK v16.1Techniques mitigated by this control, mapped via CTID.