CFM-02—Default "Deny-all" Settings

>Control Description

Where applicable, the information system default access configurations are set to "deny-all."

Theme

Technology

Type

Preventive

Policy/Standard

Infrastructure Management Policy

>Implementation Guidance

1. Prepare a list of in-scope network devices and production accounts and ensure that default deny-all rules are configured 2. Ensure that deny-all rule precedes all other applied rules in terms of priority.

>Testing Procedure

1. For a list of in-scope network devices and production accounts, validate that default deny-all rules are configured 2. Validate that deny-all rule precedes all other applied rules in terms of priority.

>Audit Artifacts

E-AM-02

E-CFM-03

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

Cyber Essentials
1

Ask AI

Configure your API key to use AI features.

>Control Description

Theme

Type

Policy/Standard

>Implementation Guidance

>Testing Procedure

>Audit Artifacts

>Framework Mappings

CIS Controls1

FedRAMP Rev 51

PCI DSS2

Cyber Essentials1

Ask AI

CIS Controls
1

FedRAMP Rev 5
1

PCI DSS
2

Cyber Essentials
1