An error occurred:

Check: SRG-APP-000383-DB-000364

Database SRG: SRG-APP-000383-DB-000364 (in versions v3 r4 through v2 r10)

Title

The DBMS must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance. (Cat II impact)

Discussion

Use of nonsecure network functions, ports, protocols, and services exposes the system to avoidable threats.

Check Content

Review the network functions, ports, protocols, and services supported by the DBMS. If any protocol is prohibited by the PPSM guidance and is enabled, this is a finding.

Fix Text

Deploy a DBMS capable of disabling a network function, port, protocol, or service prohibited by the PPSM guidance. Disable each prohibited network function, port, protocol, or service.

Additional Identifiers

Rule ID: SV-206599r879756_rule

Vulnerability ID: V-206599

Group Title: SRG-APP-000383

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001762

The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-7 (1)

Periodic Review