Without the ability to centrally manage the content captured in the traffic log entries, identification, troubleshooting, and correlation of suspicious behavior would be difficult and could lead. The Cisco ASA must be configured to send log data of denied traffic to a central audit server for analysis.

Without a real-time alert (less than a second), security personnel may be unaware of an impending failure of the audit functions and system operation may be adversely impacted. The Cisco ASA must be configured to generate a real-time alert to organization-defined personnel and/or the firewall administrator in the event communication with the central audit server is lost.

Additionally, unrestricted traffic may transit a. Unrestricted traffic to the trusted networks may contain malicious traffic that poses a threat to an enclave or to other connected networks. The Cisco ASA must be configured to filter inbound traffic on all external interfaces.

If outbound communications traffic is not filtered, hostile activity intended to harm other networks or packets from networks destined to unauthorized networks may not be detected and. The Cisco ASA must be configured to filter outbound traffic on all internal interfaces.

The management network must still have its own subnet in order to enforce control and access boundaries provided by Layer 3 network nodes such as routers and firewalls. The Cisco ASA perimeter firewall must be configured to block all outbound management traffic.

Blocking or restricting detected harmful or suspicious. Information flow control regulates where information is allowed to travel within a network and between interconnected networks. The Cisco ASA must be configured to filter outbound traffic, allowing only authorized ports and services.

In a port scanning attack, an unauthorized application is used to scan the host devices for available services and open ports for subsequent use in an attack. The Cisco ASA must be configured to implement scanning threat detection.