800-53|SC-7(16)

Title

PREVENT DISCOVERY OF COMPONENTS / DEVICES

Description

The information system prevents discovery of specific system components composing a managed interface.

Supplemental

This control enhancement protects network addresses of information system components that are part of managed interfaces from discovery through common tools and techniques used to identify devices on networks. Network addresses are not available for discovery (e.g., network address not published or entered in domain name systems), requiring prior knowledge for access. Another obfuscation technique is to periodically change network addresses.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: BOUNDARY PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundEchoRequest'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundEchoRequest'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundMaskRequest'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundMaskRequest'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundRouterRequest'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundRouterRequest'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundTimestampRequest'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowInboundTimestampRequest'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundDestinationUnreachable'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundDestinationUnreachable'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundPacketTooBig'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundPacketTooBig'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundParameterProblem'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundParameterProblem'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundSourceQuench'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundSourceQuench'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundTimeExceeded'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowOutboundTimeExceeded'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowRedirect'	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.1.1 Configure 'Windows Firewall: Allow ICMP exceptions - AllowRedirect'	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundEchoRequest	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundEchoRequest	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundMaskRequest	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundMaskRequest	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundRouterRequest	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundRouterRequest	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundTimestampRequest	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowInboundTimestampRequest	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundDestinationUnreachable	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundDestinationUnreachable	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundPacketTooBig	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundPacketTooBig	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundParameterProblem	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundParameterProblem	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundSourceQuench	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundSourceQuench	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundTimeExceeded	Windows	CIS Windows 2003 DC v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowOutboundTimeExceeded	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowRedirect	Windows	CIS Windows 2003 MS v3.1.0
1.2.1.1.1.2.7 Configure 'Windows Firewall: Allow ICMP exceptions' - AllowRedirect	Windows	CIS Windows 2003 DC v3.1.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundEchoRequest)	Windows	CIS Windows 2008 SSLF v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundEchoRequest)	Windows	CIS Windows 2008 Enterprise v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundMaskRequest)	Windows	CIS Windows 2008 SSLF v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundMaskRequest)	Windows	CIS Windows 2008 Enterprise v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundRouterRequest)	Windows	CIS Windows 2008 Enterprise v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundRouterRequest)	Windows	CIS Windows 2008 SSLF v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundTimestampRequest)	Windows	CIS Windows 2008 SSLF v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowInboundTimestampRequest)	Windows	CIS Windows 2008 Enterprise v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowOutboundDestinationUnreachable)	Windows	CIS Windows 2008 Enterprise v1.2.0
1.5.1 Windows Firewall: Allow ICMP exceptions (Domain) (AllowOutboundDestinationUnreachable)	Windows	CIS Windows 2008 SSLF v1.2.0

Detections

Analytics