mirror of
https://github.com/usnistgov/macos_security.git
synced 2026-03-04 01:12:00 +00:00
35 lines
1.3 KiB
YAML
35 lines
1.3 KiB
YAML
id: os_protect_dos_attacks
|
|
title: "Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces"
|
|
discussion: |
|
|
The macOS should be configured to prevent Denial of Service (DoS) attacks by enforcing rate-limiting measures on network interfaces.
|
|
|
|
DoS attacks leave authorized users unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. When this occurs, the organization must operate at degraded capacity; often resulting in an inability to accomplish its mission.
|
|
|
|
To prevent DoS attacks by ensuring rate-limiting measures on network interfaces, many operating systems can be integrated with enterprise-level firewalls and networking equipment that meet or exceed this requirement.
|
|
check: |
|
|
The technology does not support this requirement. This is an applicable-does not meet finding.
|
|
fix: |
|
|
This requirement is a permanent finding and cannot be fixed. An appropriate mitigation for the system must be implemented, but this finding cannot be considered fixed.
|
|
references:
|
|
cce:
|
|
- CCE-84909-1
|
|
cci:
|
|
- CCI-002385
|
|
800-53r4:
|
|
- SC-5
|
|
disa_stig:
|
|
- N/A
|
|
srg:
|
|
- SRG-OS-000420-GPOS-00186
|
|
macOS:
|
|
- "10.15"
|
|
tags:
|
|
- cnssi-1253
|
|
- fisma-low
|
|
- fisma-moderate
|
|
- fisma-high
|
|
- STIG
|
|
- permanent
|
|
mobileconfig: false
|
|
mobileconfig_info:
|