STIGQter: STIG Summary: Test and Development Zone B Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Oct 2018:

Access control lists between the test and development environments must be in a deny-by-default posture.

DISA Rule

SV-51531r1_rule

Vulnerability Number

V-39664

Group Title

ENTD0250 - Access control lists not in deny-by-default security posture.

Rule Version

ENTD0250

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Implement a deny-by-default security posture for both ingress and egress traffic between test and development environments.

Check Contents

Determine whether a deny-by-default security posture has been implemented for both ingress and egress traffic between the test and development environments. If the organization is not using a deny-by-default security posture for traffic between the test and development environments, this is a finding.

Vulnerability Number

V-39664

Documentable

False

Rule Version

ENTD0250

Severity Override Guidance

Determine whether a deny-by-default security posture has been implemented for both ingress and egress traffic between the test and development environments. If the organization is not using a deny-by-default security posture for traffic between the test and development environments, this is a finding.

Check Content Reference

M

Target Key

1132

Comments