Test and development systems are not physically disconnected or blocked at the firewall from external networks during the installation of an operating system.

From Enclave - Zone D Checklist

Part of Systems not isolated during OS install.

Associated with IA controls: ECSC-1

SV-14923r1_rule Test and development systems are not physically disconnected or blocked at the firewall from external networks during the installation of an operating system.

Vulnerability discussion

During the installation of an operating system, the system is most vulnerable to attack because no security controls have been put in place to protect the system. It is very important to block all access to a system while the operating system is being installed and configured until such time that security controls can be implemented.

Check content

Ask the IAO what the connection approval policy is on the installation of operating systems within the T&D zone. The policy must include either physically disconnecting or blocking the system at the firewall in order to achieve complete isolation from malicious network traffic.

Fix text

The IAO will ensure the test or development system is physically disconnected or blocked at the firewall from any external network during the installation of an operating system.
