Skip to content
Log In

CCI-002322

Provide the capability to disconnect or disable remote access to the system within the organization-defined time period.

OHS must provide the capability to immediately disconnect or disable remote access to the hosted applications.

1 rule found Severity: Medium

Logo

Common Access Card (CAC)-based authentication must be enabled and enforced on the Tanium Server for all access and all accounts.

2 rules found Severity: Medium

Logo

LockOutRealms failureCount attribute must be set to 5 failed logins for admin users.

1 rule found Severity: Medium

Logo

LockOutRealms lockOutTime attribute must be set to 600 seconds (10 minutes) for admin users.

1 rule found Severity: Low

Logo

Network access to HTTP management must be disabled on domain-enabled application servers not designated as the domain controller.

1 rule found Severity: Medium

Logo

The IIS 10.0 web server must provide the capability to immediately disconnect or disable remote access to the hosted applications.

1 rule found Severity: Medium

Logo

The IIS 10.0 website must provide the capability to immediately disconnect or disable remote access to the hosted applications.

1 rule found Severity: Medium

Logo

SLEM 5 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments.

1 rule found Severity: Medium

Logo

The web server must provide the capability to immediately disconnect or disable remote access to the hosted applications.

1 rule found Severity: Medium

Logo

Install firewalld Package

18 rules found Severity: Medium

Logo

NixOS must enable the built-in firewall.

1 rule found Severity: Medium

Logo

The Apache web server must be configured to immediately disconnect or disable remote access to the hosted applications.

2 rules found Severity: Medium

Logo

The application server must provide the capability to immediately disconnect or disable remote access to the management interface.

1 rule found Severity: Medium

Logo

The ALG providing intermediary services for remote access communications traffic must provide the capability to immediately disconnect or disable remote access to the information system.

1 rule found Severity: Medium

Logo

AlmaLinux OS 9 must have the firewalld package installed.

1 rule found Severity: Medium

Logo

The operating system must provide the capability to immediately disconnect or disable remote access to the operating system.

1 rule found Severity: Medium

Logo

The Palo Alto Networks security, if used as a TLS gateway/decryption point or VPN concentrator, must provide the capability to immediately disconnect or disable remote access to the information system.

1 rule found Severity: Medium

Logo

A firewall must be able to protect against or limit the effects of denial-of-service (DoS) attacks by ensuring OL 8 can implement rate-limiting measures on impacted network interfaces.

1 rule found Severity: Medium

Logo

RHEL 9 must have the firewalld package installed.

1 rule found Severity: Medium

Logo

The SUSE operating system must have a firewall system installed to immediately disconnect or disable remote access to the whole operating system.

1 rule found Severity: Medium

Logo

The VMM must provide the capability to immediately disconnect or disable remote access to the information system.

1 rule found Severity: Medium

Logo

The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).

3 rules found Severity: Medium

Logo

The VPN Gateway administrator accounts or security policy must be configured to allow the system administrator to immediately disconnect or disable remote access to devices and/or users when needed.

1 rule found Severity: Medium

Logo