The host-based firewall installed on the endpoint device will be configured to a Deny-by-Default posture in accordance with the Ports and Protocols Service Management (PPSM) list.

From Remote Endpoint STIG

Part of SRC-EPT-410 Deny-by-Default posture

Associated with IA controls: ECSC-1

SV-6805r1_rule The host-based firewall installed on the endpoint device will be configured to a Deny-by-Default posture in accordance with the Ports and Protocols Service Management (PPSM) list.

Vulnerability discussion

Blocking these ports protects the device from denial-of-service attacks. (Remote Only)

Check content

The method of access to the firewall configuration will vary with the actual software. However, in general, the configuration can be viewed by clicking on the program icon in the desktop tray or by using the Start menu. Select the Configuration or Settings button/option and view the advanced custom settings for the Internet Zone. PPSM. If the personal firewall is not configured for a Deny-by-Default posture, this is a finding.

Fix text

A Deny-by-Default posture is setup on the personal firewall.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer