Title

The UEM server must disable organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure. (Cat II impact)

Discussion

Removal of unneeded or non-secure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of these resources. Examples include unneeded listening ports. The organization must perform a periodic scan/review of the application (as required by CCI-000384) and disable functions, ports, protocols, and services deemed to be unneeded or non-secure.

Check Content

Verify the UEM server disables organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure. If the UEM server does not disable organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure, this is a finding.

Fix Text

Configure the UEM server to disable organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure.

Additional Identifiers

Rule ID: SRG-APP-000383-UEM-000254_rule

Vulnerability ID: SRG-APP-000383-UEM-000254

Group Title: SRG-APP-000383-UEM-000254

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.