Insights to Control Framework Mapping: File Sharing

Ingrid

Refer to the following File Sharing insights and assessments and how they're mapped to CIS v7 and CIS v8 controls for Control Insights:

No Peer-to-Peer Sharing

The lack of peer-to-peer (P2P) file sharing indicates effective control of workstation software installation.

The ratio of events of type [File Sharing in Use] by type [Desktop Endpoint, Mobile Endpoint] is below 0.01%.

Assessment: Positive
Observations: Insecure Systems, Desktop Software, Mobile Software, File Sharing

CIS v8 Controls

Controls:
  5 Account Management
  13 Network Monitoring and Defense

Safeguards:
  5.4 Restrict Administrator Privileges to Dedicated Administrator Accounts
  5.5 Establish and Maintain an Inventory of Service Accounts
  13.2 Deploy a Host-Based Intrusion Detection Solution
  13.3 Deploy a Network Intrusion Detection Solution
  13.4 Perform Traffic Filtering Between Network Segments
  13.5 Manage Access Control for Remote Assets
  13.6 Collect Network Traffic Flow Logs
  13.7 Deploy a Host-Based Intrusion Prevention Solution
  13.8 Deploy a Network Intrusion Prevention Solution

CIS v7 Controls

Controls:
  4 Controlled Use of Administrative Privileges
  12 Boundary Defense

Safeguards:
  4.1 Maintain Inventory of Administrative Accounts
  4.3 Ensure the Use of Dedicated Administrative Accounts
  4.6 Use Dedicated Workstations For All Administrative Tasks
  4.8 Log and Alert on Changes to Administrative Group Membership
  4.9 Log and Alert on Unsuccessful Administrative Account Login
  12.1 Maintain an Inventory of Network Boundaries
  12.2 Scan for Unauthorized Connections Across Trusted Network Boundaries
  12.3 Deny Communications With Known Malicious IP Addresses
  12.4 Deny Communication Over Unauthorized Ports
  12.5 Configure Monitoring Systems to Record Network Packets
  12.6 Deploy Network-Based IDS Sensors
  12.7 Deploy Network-Based Intrusion Prevention Systems
  12.8 Deploy NetFlow Collection on Networking Boundary Devices
  12.9 Deploy Application Layer Filtering Proxy Server
  12.10 Decrypt Network Traffic at Proxy

Peer-to-Peer Sharing

The presence of peer-to-peer (P2P) file sharing indicates ineffective control of workstation software installation and that users may not be aware of the risks of downloading software from untrusted sources.

The ratio of events of type [File Sharing in Use] by type [Desktop Endpoint, Mobile Endpoint] is above 0.1%.

Assessment: Negative
Observations: Insecure Systems, Desktop Software, Mobile Software, File Sharing

CIS v8 Controls

Controls:
  5 Account Management
  13 Network Monitoring and Defense
  14 Security Awareness and Skills Training

Safeguards:
  5.2 Use Unique Passwords
  5.3 Disable Dormant Accounts
  5.4 Restrict Administrator Privileges to Dedicated Administrator Accounts
  5.5 Establish and Maintain an Inventory of Service Accounts
  13.2 Deploy a Host-Based Intrusion Detection Solution
  13.3 Deploy a Network Intrusion Detection Solution
  13.4 Perform Traffic Filtering Between Network Segments
  13.5 Manage Access Control for Remote Assets
  13.6 Collect Network Traffic Flow Logs
  13.7 Deploy a Host-Based Intrusion Prevention Solution
  13.8 Deploy a Network Intrusion Prevention Solution
  14.1 Establish and Maintain a Security Awareness Program
  14.3 Train Workforce Members on Authentication Best Practices
  14.4 Train Workforce on Data Handling Best Practices
  14.5 Train Workforce Members on Causes of Unintentional Data Exposure

CIS v7 Controls

Controls:
  4 Controlled Use of Administrative Privileges
  12 Boundary Defense
  17 Implement a Security Awareness and Training Program

Safeguards:
  4.1 Maintain Inventory of Administrative Accounts
  4.2 Change Default Passwords
  4.3 Ensure the Use of Dedicated Administrative Accounts
  4.4 Use Unique Passwords
  4.6 Use Dedicated Workstations For All Administrative Tasks
  4.8 Log and Alert on Changes to Administrative Group Membership
  4.9 Log and Alert on Unsuccessful Administrative Account Login
  12.1 Maintain an Inventory of Network Boundaries
  12.2 Scan for Unauthorized Connections Across Trusted Network Boundaries
  12.3 Deny Communications With Known Malicious IP Addresses
  12.4 Deny Communication Over Unauthorized Ports
  12.5 Configure Monitoring Systems to Record Network Packets
  12.6 Deploy Network-Based IDS Sensors
  12.7 Deploy Network-Based Intrusion Prevention Systems
  12.8 Deploy NetFlow Collection on Networking Boundary Devices
  12.9 Deploy Application Layer Filtering Proxy Server
  17.1 Perform a Skills Gap Analysis
  17.2 Deliver Training to Fill the Skills Gap
  17.3 Implement a Security Awareness Program
  17.4 Update Awareness Content Frequently
  17.5 Train Workforce on Secure Authentication
  17.7 Train Workforce on Sensitive Data Handling
  17.8 Train Workforce on Causes of Unintentional Data Exposure
  17.9 Train Workforce Members on Identifying and Reporting Incidents

April 3, 2025: Published.