Management protocols, with the exception of HTTPS and SNMPv3, must be disabled at all times except when necessary.
An XCCDF Rule
Description
Unneeded protocols expose the device and the network to unnecessary vulnerabilities.
| Property | Value |
|---|---|
| Responsibility | System Administrator |
| IA Controls | DCPP-1 |
- ID
- SV-7005r2_rule
- Version
- MFD02.003
- Severity
- Medium
- Updated
Remediation Templates
A Manual Procedure
Disable all management protocols except HTTPS and SNMPv3 unless approval has been granted by the organization's AO/ISSM.