CSCv7|12.2

Title

Scan for Unauthorized Connections across Trusted Network Boundaries

Description

Perform regular scans from outside each trusted network boundary to detect any unauthorized connections which are accessible across the boundary.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Boundary Defense

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.3.2 Allow only trusted hosts in SNMPv3	FortiGate	CIS Fortigate 7.0.x v1.3.0 L2
2.7 Ensure internal sources are blocked on external networks	Juniper	CIS Juniper OS Benchmark v2.1.0 L2
3.3 Ensure firewall policy denying all traffic to/from Tor, malicious server, or scanner IP addresses using ISDB	FortiGate	CIS Fortigate 7.0.x v1.3.0 L1
3.10 Ensure SharePoint database servers are segregated from application server and placed in a secure zone.	Windows	CIS Microsoft SharePoint 2019 OS v1.0.0
3.12 Ensure Anti-Spoofing is enabled and action is set to Prevent for all Interfaces	CheckPoint	CIS Check Point Firewall L2 v1.1.0
6.1.1 Apply a Trusted Signed Certificate for VPN Portal	FortiGate	CIS Fortigate 7.0.x v1.3.0 L2