Check: NET0135
Network Infrastructure Policy STIG: NET0135 (in versions v10 r7 through v9 r2)
Title
External connections to the network must be reviewed and the documentation updated semi-annually. (Cat II impact)
Discussion
A network is only as secure as its weakest link. It is imperative that all external connections be reviewed and kept to the minimum needed for operations. All external connections should be treated as untrusted networks. Reviewing who or what the network is connected to empowers the security manager to make sound judgements and security recommendations. Minimizing backdoor circuits and connections reduces the risk of unauthorized access to network resources.
Check Content
Review the network topology and interview the ISSO to verify that external connections to the network are reviewed and documented on a semi-annual basis. If there are any external connections that have not been documented, or if the connections are not reviewed on a semi-annual basis, this is a finding.
Fix Text
Implement a semi-annual review process to document and account for external connections to the organization.
Additional Identifiers
Rule ID: SV-251356r806023_rule
Vulnerability ID: V-251356
Group Title: NET0135
CCIs
Number | Definition |
---|---|
CCI-001121 | Protect against unauthorized physical connections at organization-defined managed interfaces. |
Controls
Number | Title |
---|---|
SC-7(14) | Protects Against Unauthorized Physical Connections |