CSCv7|12.4

Title

Deny Communication over Unauthorized Ports

Description

Deny communication over unauthorized TCP or UDP ports or application traffic to ensure that only authorized protocols are allowed to cross the network boundary in or out of the network at each of the organization's network boundaries.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Boundary Defense

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.4.4.2 Enable listening ports range is set as appropriate for organization	Zoom	CIS Zoom L2 v1.0.0
1.2.7 Disable the Telnet Feature	Cisco	CIS Cisco NX-OS L1 v1.1.0
1.3.10 Ensure 'Password Profiles' do not exist	Palo_Alto	CIS Palo Alto Firewall 10 v1.1.0 L1
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v1.1.0 L1 + BL
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v1.1.0 L1
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v1.0.0 L1 + BL + NG
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v1.0.0 L1 + BL
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v1.1.0 L1 + NG
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v1.1.0 L1 + BL + NG
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL + NG
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + NG
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v1.0.0 L1 + NG
18.5.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v1.0.0 L1
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 MS L2 v1.2.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + BL
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + BL + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1 + BL
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1 + BL + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v1.0.0 L1
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1 + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v1.12.0 L1
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only)	Windows	CIS Windows Server 2012 R2 MS L2 v2.5.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only)	Windows	CIS Windows Server 2012 R2 MS L2 v2.6.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only)	Windows	CIS Windows Server 2012 MS L2 v2.4.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled	Windows	CIS Microsoft Windows Server 2019 MS L2 v1.2.1
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled	Windows	CIS Microsoft Windows Server 2016 STIG MS L2 v1.1.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled	Windows	CIS Microsoft Windows Server 2022 v1.0.0 L2 MS
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled	Windows	CIS Microsoft Windows Server 2019 STIG MS L2 v1.0.1
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled	Windows	CIS Microsoft Windows Server 2019 MS L2 v1.3.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled	Windows	CIS Microsoft Windows Server 2016 MS L2 v1.4.0
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL + NG
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1 + NG
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL + NG
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL
18.6.21.1 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1 + NG
18.6.21.2 (L1) Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v3.0.0 L1

Detections

Analytics

CSCv7|12.4

Title

Description

Reference Item Details

Audit Items