FIPS 199 High Impact (for ICS) |
| Findings
Color Code |
| Satisfied |
| Other Than Satisfied - not assessed |
| Other Than Satisfied - failed
|
|
|
NIST SP 800-53A SC-07(05) .01
|
Question: In interviewing 33 percent (but no fewer than 2) of the Network Management Staff members, do they all agree that the information system deny network traffic by default and allow network traffic by exception (i.e., deny all, permit by exception) ? |
|
Answered by: BOSTON::HARRISON
As part of Interview group: NETWORK
|
Answer: YES
|
|
|
This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
|