STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

All Internet-facing applications must be hosted in a DoD Demilitarized Zone (DMZ) Extension.

DISA Rule

SV-15265r4_rule

Vulnerability Number

V-14640

Group Title

Internet facing applications must be in a DoD DMZ Extension.

Rule Version

NET0348

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Implement and move internet facing applications logically to a DoD DMZ Extension.

Check Contents

Review the network topology diagram and interview the ISSO to verify that all Internet-facing applications are hosted in a DoD DMZ Extension.

If there are any Internet-facing applications hosted in the enclave’s DMZ or private network, this is a finding.

Vulnerability Number

V-14640

Documentable

False

Rule Version

NET0348

Severity Override Guidance

Review the network topology diagram and interview the ISSO to verify that all Internet-facing applications are hosted in a DoD DMZ Extension.

If there are any Internet-facing applications hosted in the enclave’s DMZ or private network, this is a finding.

Check Content Reference

M

Target Key

838

Comments