17.3.25 Intrusion prevention

The system administrators shall implement the following controls in order to prevent intrusion into servers and systems;

  • Delete or turn off unnecessary services
  • Prevent the execution of unknown or unauthorized programs or code
  • Ensure firewall configurations are created and updated such as to allow only the communication channels required for the operation of the system or software

The system administrator shall implement the following controls in order to prevent intrusion via removal media (where the use of such devices is permitted) [Link: 17.8.20];

  • Disable all unnecessary USB ports or physical connections to the server or device
  • Scan removable media using anti-malware software upon connection

Policy Library Search

Table of Contents