ACF2 APPLDEF GSO record if used must have supporting documentation indicating the reason it was used.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-223488 | SRG-OS-000480-GPOS-00227 | ACF2-ES-000700 | SV-223488r991589_rule | 2025-03-11 | 9 |
| Description |
|---|
| Failure to restrict network connectivity only to authorized systems permits inbound connections from malicious systems. It also permits outbound connections that may facilitate exfiltration of DoD data. |
| ℹ️ Check |
|---|
| From the ACF Command screen enter: SET CONTROL(GSO) LIST LIKE(APPLDEF-) If the GSO APPLDEF record does not exist, this is not a finding. If the GSO APPLDEF record does exist and no supporting documentation is available, this is a finding. |
| ✔️ Fix |
|---|
| For any APPLDEF GSO record used, it must have supporting documentation indicating the reason it was used. The APPLDEF record is optional. |