Refer to the following Detected Services insights and assessments and how they're mapped to CIS v7 and CIS v8 controls for Control Insights:
Services With Ineffective or No Credentials
The presence of services using credential defaults or do not have credentials indicates ineffective access management and authentication
At least one event of the following event types was detected: [Unauthenticated Service]
Assessment
Negative
Observations
Open Ports
| CIS v8 Controls |
CIS v7 Controls |
Controls
- 4 Secure Configuration of Enterprise Assets and Software
- 5 Account Management
Safeguards
- 12.6 Use of Secure Network Management and Communication Protocols
- 12.8 Establish and Maintain Dedicated Computing Resources For all Administrative Work
- 4.10 Enforce Automatic Device Lockout on Portable End-User Devices
- 4.2 Establish and Maintain a Secure Configuration Process for Network Infrastructure
- 5.2 Use Unique Passwords
- 5.3 Disable Dormant Accounts
|
Controls
- 4 Controlled Use of Administrative Privileges
- 5 Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers
Safeguards
- 4.2 Change Default Passwords
- 4.3 Ensure the Use of Dedicated Administrative Accounts
- 4.4 Use Unique Passwords
- 4.5 Use Multi-Factor Authentication for All Administrative Access
- 5.1 Establish Secure Configurations
- 5.4 Deploy System Configuration Management Tools
- 5.5 Implement Automated Configuration Monitoring Systems
|
-
April 3, 2025: Published.
Feedback
0 comments
Please sign in to leave a comment.