Detections
Analytics

CCI|CCI-002080

Title

The organization employs either an allow-all, deny-by-exception or a deny-all, permit-by-exception policy for allowing organization-defined information systems to connect to external information systems.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AOSX-13-000155 - The macOS system firewall must be configured with a default-deny policy.UnixDISA STIG Apple Mac OSX 10.13 v2r5
Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
WN16-00-000310 - A host-based firewall must be installed and enabled on the system.WindowsDISA Windows Server 2016 STIG v2r9
WN19-00-000280 - Windows Server 2019 must have a host-based firewall installed and enabled.WindowsDISA Windows Server 2019 STIG v3r2
WN22-00-000280 - Windows Server 2022 must have a host-based firewall installed and enabled.WindowsDISA Windows Server 2022 STIG v2r2