Skip to main content

💼 A.9.1.2 Access to networks and network services

  • ID: /frameworks/iso-iec-27001-2013/09/01/02

Description

Users shall only be provided with access to the network and network services that they have been specifically authorized to use.

Similar

  • Internal
    • ID: dec-c-2c4e1844

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST CSF v1.1 → 💼 PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties1756no data
💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented4791no data
💼 NIST CSF v1.1 → 💼 PR.PT-3: The principle of least functionality is incorporated by configuring systems to provide only essential capabilities2130no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (18)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account Root User has active access keys🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted DNS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted FTP traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted ICMP traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted NetBIOS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted RPC traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted SMTP traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MSSQL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MySQL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to PostgreSQL🟢1🟢 x6no data
🛡️ AWS IAM Policy allows full administrative privileges🟢1🟢 x6no data
🛡️ Azure Cosmos DB Account Private Endpoints are not used🟢1🟢 x6no data
🛡️ Azure Cosmos DB Entra ID Client Authentication is not used🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure PostgreSQL Flexible Server Firewall Rules allow access to Azure services🟢1🟢 x6no data
🛡️ Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP)🟢1🟢 x6no data
🛡️ Azure Storage Account Trusted Azure Services are not enabled as networking exceptions🟢1🟢 x6no data

Internal Rules

RulePoliciesFlags
✉️ dec-x-0a7801fb1
✉️ dec-x-3e379c671
✉️ dec-x-6eab9b881
✉️ dec-x-11c3009f1
✉️ dec-x-42a090841
✉️ dec-x-157aa4b91
✉️ dec-x-0289e9c91
✉️ dec-x-293ab45b1
✉️ dec-x-3179d53c1
✉️ dec-x-66358b451
✉️ dec-x-b4d3d9dc2
✉️ dec-x-bcae85fb2
✉️ dec-x-bf1f13f61
✉️ dec-x-ca1c0c0d1
✉️ dec-x-f12d78aa1
✉️ dec-z-dbeeed9f1
✉️ dec-z-f778950c1