Standards Group:
YALE-MSS-10: Network Exposure
YALE-MSS-10.1: Enable ports, protocols, and services on an as needed basis
Low Risk Endpoint
Required
Moderate Risk Endpoint
Required
High Risk Endpoint
Required
Low Risk Server
Required
Moderate Risk Server
Required
High Risk Server
Required
Low Risk Mobile Device
Required
Moderate Risk Mobile Device
Required
High Risk Mobile Device
Required
Low Risk Network Printer
Required
Moderate Risk Network Printer
Required
High Risk Network Printer
Required
Details
Only enable the ports, protocols, and services that are strictly necessary for your system to function.
Use the netstat command on your system and/or scan your IP address with nmap from another machine to
understand what ports are open. Limit unnecessary network exposure by disabling services or using a firewall.
Configure an appropriate resource limit or cost cap on your cloud services. Attackers can make excessive requests to your cloud services, exhausting your resources or incurring a large bill. Implementing a resource limit or cost cap can mitigate this risk.