@opexxx
Created May 4, 2020 23:23
CIS
[
{
"1": "2",
"Inventory of Authorized and Unauthorized Devices": "Inventory of Authorized and Unauthorized Software",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Actively manage (inventory, track and correct) all software on the network so that only authorized software is installed and can execute, and unauthorized and unmanaged software is found and prevented from installation or execution.",
"": ""
},
{
"1": "3",
"Inventory of Authorized and Unauthorized Devices": "Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Establish, implement, and actively manage (track, report on, and correct) the security configurations of laptops, servers, and workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.",
"": ""
},
{
"1": "4",
"Inventory of Authorized and Unauthorized Devices": "Continuous Vulnerability Assessment and Remediation",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, and to remediate and minimize the window of opportunity for attackers.",
"": ""
},
{
"1": "5",
"Inventory of Authorized and Unauthorized Devices": "Controlled Use of Administrative Privileges",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Track, control, prevent, and correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.",
"": ""
},
{
"1": "6",
"Inventory of Authorized and Unauthorized Devices": "Maintenance, Monitoring, and Analysis of Audit Logs",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Collect, manage, and analyze audit logs of events that could help detect, understand, or recover from an attack.",
"": ""
},
{
"1": "7",
"Inventory of Authorized and Unauthorized Devices": "Email and Web Browser Protections",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Minimize the attack surface and the opportunities for attackers to manipulate human behavior through their interaction with web browsers and e-mail systems.",
"": ""
},
{
"1": "8",
"Inventory of Authorized and Unauthorized Devices": "Malware Defenses",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.",
"": ""
},
{
"1": "9",
"Inventory of Authorized and Unauthorized Devices": "Limitation and Control of Network Ports, Protocols, and Services",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Manage (track, control, and correct) the ongoing operational use of ports, protocols, and services on networked devices in order to minimize windows of vulnerability available to attackers.",
"": ""
},
{
"1": "10",
"Inventory of Authorized and Unauthorized Devices": "Data Recovery Capability",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Properly back up critical information with a proven methodology for timely recovery.",
"": ""
},
{
"1": "11",
"Inventory of Authorized and Unauthorized Devices": "Secure Configuration for Network Devices such as Firewalls, Routers, and Switches",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Establish, implement, and actively manage (track, report on, and correct) the security configuration of network infrastructure devices using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.",
"": ""
},
{
"1": "12",
"Inventory of Authorized and Unauthorized Devices": "Boundary Defense",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Detect, prevent, and correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.",
"": ""
},
{
"1": "13",
"Inventory of Authorized and Unauthorized Devices": "Data Protection",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Prevent data exfiltration, mitigate the effects of exfiltrated data, and ensure the privacy and integrity of sensitive information.",
"": ""
},
{
"1": "14",
"Inventory of Authorized and Unauthorized Devices": "Controlled Access Based on the Need to Know",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Track, control, prevent, and secure access to critical assets (e.g. information, resources, systems) according to the formal determination of which persons, computers, and applications have a need and right to access these critical assets based on an approved classification.",
"": ""
},
{
"1": "15",
"Inventory of Authorized and Unauthorized Devices": "Wireless Access Control",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Track, control, prevent, and correct the security use of wireless local area networks (LANS), access points, and wireless client systems.",
"": ""
},
{
"1": "16",
"Inventory of Authorized and Unauthorized Devices": "Account Monitoring and Control",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Actively manage the life-cycle of system and application accounts - their creation, use, dormancy, deletion - in order to minimize opportunities for attackers to leverage them.",
"": ""
}
]