← Back to catalog
SC-7(16)

Prevent Discovery of System Components

System and Communications Protection (SC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Prevent the discovery of specific system components that represent a managed interface.

Discussion

Preventing the discovery of system components representing a managed interface helps protect network addresses of those components from discovery through common tools and techniques used to identify devices on networks. Network addresses are not available for discovery and require prior knowledge for access. Preventing the discovery of components and devices can be accomplished by not publishing network addresses, using network address translation, or not entering the addresses in domain name systems. Another prevention technique is to periodically change network addresses.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.