From Network Infrastructure Policy Security Technical Implementation Guide
Part of An enclave DMZ architecture is not implemented.
Associated with: CCI-002395
Without the protection of a DMZ, production networks will be prone to outside attacks as they are allowing externally accessible services to be accessed on the internal LAN. This can cause many undesired consequences such as access to the entire network, Denial of Service attacks, or theft of sensitive information.
Review the network topology diagram and interview the ISSO to verify that all NIPRNet-only applications are located in a local enclave DMZ. If there are any NIPRNet-only applications not hosted in the enclave’s DMZ, this is a finding.
Implement and move NIPRNet-only applications to a local enclave DMZ.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer