Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-35677 | SRG-APP-000256-MAPP-NA | SV-46964r1_rule | Medium |
Description |
---|
A firewall default deny is a firewall configuration setting that will force the administrator to explicitly allow network or application traffic rather than allowing all traffic by default. The purpose is to prevent unmanaged access into the internal network or in the case of an application firewall, to application content, features, or functionality. Rationale for non-applicability: Mobile applications do not provide network services to other devices. Most mobile devices function outside the organization's security boundary and therefore are not positioned to provide boundary protection services in any case. |
STIG | Date |
---|---|
Mobile Application Security Requirements Guide | 2013-01-04 |
Check Text ( C-44019r1_chk ) |
---|
This requirement is NA for the MAPP SRG. |
Fix Text (F-40219r1_fix) |
---|
The requirement is NA. No fix is required. |