Insights to Control Framework Mapping: Network Attack Surface

Ingrid

Refer to the following Network Attack Surface insights and assessments and how they're mapped to CIS v7 and CIS v8 controls for Control Insights:

Exposed Services

Having an unnecessarily large attack surface of exposed services on the network perimeter indicates ineffective control of network services.

The ratio of events of type [Unnecessarily Exposed Port] by type [Open Port] is above 1.0%.

Assessment: Negative
Observations: Open Ports

CIS v8 Controls
  Controls: N/A
  Safeguards:
    4.4 Implement and Manage a Firewall on Servers
    4.8 Uninstall or Disable Unnecessary Services on Enterprise Assets and Software

CIS v7 Controls
  Controls:
    9 Limitation and Control of Network Ports, Protocols, and Services
  Safeguards:
    9.1 Associate Active Ports, Services, and Protocols to Asset Inventory
    9.2 Ensure Only Approved Ports, Protocols, and Services Are Running
    9.3 Perform Regular Automated Port Scans
    9.4 Apply Host-Based Firewalls or Port-Filtering

No Exposed Services

The lack of unnecessarily exposed services on the network perimeter indicates effective control of network services.

The ratio of events of type [Unnecessarily Exposed Port] by type [Open Port] is below 0.001%.

Assessment: Positive
Observations: Open Ports

CIS v8 Controls
  Controls: N/A
  Safeguards:
    4.4 Implement and Manage a Firewall on Servers
    4.8 Uninstall or Disable Unnecessary Services on Enterprise Assets and Software

CIS v7 Controls
  Controls:
    9 Limitation and Control of Network Ports, Protocols, and Services
  Safeguards:
    9.1 Associate Active Ports, Services, and Protocols to Asset Inventory
    9.2 Ensure Only Approved Ports, Protocols, and Services Are Running
    9.3 Perform Regular Automated Port Scans
    9.4 Apply Host-Based Firewalls or Port-Filtering

Cleartext Remote Protocols

The presence of cleartext remote protocols over the Internet indicates ineffective network boundary defense and a lack of network data integrity.

At least one event of the following event types was detected: [Cleartext Protocol]

Assessment: Negative
Observations: Open Ports

CIS v8 Controls
  Controls:
    3 Data Protection
    6 Access Control Management
    13 Network Monitoring and Defense
  Safeguards:
    4.6 Securely Manage Enterprise Assets and Software
    4.7 Manage Default Accounts on Enterprise Assets and Software

CIS v7 Controls
  Controls:
    12 Boundary Defense
    13 Data Protection
    14 Controlled Access Based on the Need to Know
  Safeguards:
    12.4 Deny Communication Over Unauthorized Ports
    13.3 Monitor and Block Unauthorized Network Traffic
    14.4 Encrypt All Sensitive Information in Transit

Outbound Network Scanning Activity

The presence of outbound network scanning activity indicates ineffective control of the network boundary.

At least one event of the following event types was detected: [Outbound Network Scanning Activity]

Assessment: Negative
Observations: Unsolicited Communications

CIS v8 Controls
  Controls:
    13 Network Monitoring and Defense
  Safeguards:
    13.2 Deploy a Host-Based Intrusion Detection Solution
    13.3 Deploy a Network Intrusion Detection Solution
    13.4 Perform Traffic Filtering Between Network Segments
    13.5 Manage Access Control for Remote Assets
    13.6 Collect Network Traffic Flow Logs
    13.7 Deploy a Host-Based Intrusion Prevention Solution
    13.8 Deploy a Network Intrusion Prevention Solution

CIS v7 Controls
  Controls:
    12 Boundary Defense
  Safeguards:
    12.1 Maintain an Inventory of Network Boundaries
    12.2 Scan for Unauthorized Connections Across Trusted Network Boundaries
    12.3 Deny Communications With Known Malicious IP Addresses
    12.4 Deny Communication Over Unauthorized Ports
    12.5 Configure Monitoring Systems to Record Network Packets
    12.6 Deploy Network-Based IDS Sensors
    12.7 Deploy Network-Based Intrusion Prevention Systems
    12.8 Deploy NetFlow Collection on Networking Boundary Devices
    12.9 Deploy Application Layer Filtering Proxy Server

April 1, 2025: Published.