Skip to content

II - Mission Support Public

Rules and Groups employed by this XCCDF Profile

  • MFD/Printer Firewall/Router Rule Perimeter

    <GroupDescription></GroupDescription>
    Group
  • A firewall or router rule must block all ingress and egress traffic from the enclave perimeter to the MFD or Network Printer.

    &lt;VulnDiscussion&gt;Access to the MFD or printer from outside the enclave network could lead to a denial of service caused by a large number of l...
    Rule Medium Severity
  • MFD Firmware

    <GroupDescription></GroupDescription>
    Group
  • The MFD or Network Printer must employ the most current firmware available.

    &lt;VulnDiscussion&gt;MFD devices or printers utilizing old firmware can expose the network to known vulnerabilities leading to a denial of service...
    Rule Medium Severity
  • MFD SNMP Community Strings

    <GroupDescription></GroupDescription>
    Group
  • The default passwords and SNMP community strings of all management services have not been replaced with complex passwords.

    &lt;VulnDiscussion&gt;There are many known vulnerabilities in the SNMP protocol and if the default community strings and passwords are not modified...
    Rule High Severity
  • MFD Configuration State After Power Down or Reboot

    <GroupDescription></GroupDescription>
    Group
  • The MFD or Network Printer must maintain configuration state (e.g., passwords, service settings) after a power down or restart.

    &lt;VulnDiscussion&gt;If the MFD does not maintain it state over a power down or restart, it will expose the network to all of the vulnerabilities ...
    Rule High Severity
  • MFD Management Protocols

    <GroupDescription></GroupDescription>
    Group
  • Management protocols, with the exception of HTTPS and SNMPv3, must be disabled at all times except when necessary.

    &lt;VulnDiscussion&gt;Unneeded protocols expose the device and the network to unnecessary vulnerabilities.&lt;/VulnDiscussion&gt;&lt;FalsePositives...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules