Management protocols, with the exception of HTTPS and SNMPv3, must be disabled at all times except when necessary.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>Unneeded protocols expose the device and the network to unnecessary vulnerabilities.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><IAControls>DCPP-1</IAControls>

ID: SV-7005r2_rule
Severity: Medium
Updated: about 1 year ago

Disable all management protocols except HTTPS and SNMPv3 unless approval has been granted by the organization's AO/ISSM.

Management protocols, with the exception of HTTPS and SNMPv3, must be disabled at all times except when necessary.

Description

Remediation - Manual Procedure