Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000306-FW-000168 | SRG-NET-000306-FW-000168 | SRG-NET-000306-FW-000168_rule | Low |
Description |
---|
Access control policies (e.g., identity-based policies, role-based policies) and access enforcement mechanisms (e.g., access control lists, policy maps, and cryptography) are used to control access between users and objects (e.g., devices, data, and destination addresses) within the network. Without these security policies, access control and enforcement mechanisms will not prevent unauthorized access to user account information, system logs, and other files. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2012-12-10 |
Check Text ( C-SRG-NET-000306-FW-000168_chk ) |
---|
Verify the site has configured the firewall to implement DAC. Access could be granted based on file types, location, metadata, or source/destination IP address. If DAC techniques are not used for security control, this is a finding. |
Fix Text (F-SRG-NET-000306-FW-000168_fix) |
---|
Configure the firewall implementation using DAC as required by organizationally defined policies. |