An error occurred:

Check: CYLN-OP-000815

Arctic Wolf CylanceON-PREM STIG: CYLN-OP-000815 (in version v1 r1)

Title

CylanceON-PREM must disable all functions, ports, protocols and services not required. (Cat II impact)

Discussion

Unnecessary or unsecured ports, protocols, and services present many risks for attackers and may go undetected.

Check Content

Verify port configuration to external subordinate services such as syslog/SEIM, SMTP, etc. Administrator privileges are required. 1. Log in to the admin console. 2. Navigate to CONFIGURATION >> Settings. 3. Review settings. 4. Verify the ports used are accurate. If any ports are being used that are not required, this is a finding.

Fix Text

Configure ports to external subordinate services such as syslog/SEIM, SMTP, etc. Administrator privileges are required. 1. Log in to the admin console. 2. Navigate to CONFIGURATION >> Settings. 3. Disable nonrequired features. 4. Ensure the ports used are accurate. 5. Check with subordinate systems administrators to verify and correct port settings as necessary. 6. Reboot the server.

Additional Identifiers

Rule ID: SV-272638r1113550_rule

Vulnerability ID: V-272638

Group Title: SRG-APP-000383

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001762

Disable or remove organization-defined functions, ports, protocols, software, and services within the system deemed to be unnecessary and/or nonsecure.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-7(1)

Periodic Review