UCF STIG Viewer Logo

Communications from AD admin platforms must be blocked, except with the domain controllers being managed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-44058 AD.MP.0004 SV-56888r2_rule ECSC-1 Medium
Description
AD admin platforms are used for highly privileged activities. Preventing communications to and from AD admin platforms, except with the domain controllers being managed, protects against an attacker's lateral movement from a compromised platform. Requirements in Firewall and Windows client STIGs restrict inbound communications, however outbound communications must be restricted as well to prevent inadvertent exposure of the privileged credentials used on these platforms.
STIG Date
Active Directory Domain Security Technical Implementation Guide (STIG) 2017-12-15

Details

Check Text ( C-49473r3_chk )
Verify firewall rules prevent outbound communications from AD admin platforms, except for domain controllers being managed. If outbound communications are allowed between AD admin platforms and any other systems other than domain controllers, this is a finding.
Fix Text (F-49678r3_fix)
Maintain firewall rules to prevent outbound communications from AD admin platforms, except with domain controllers being managed.