CISOBot - Your AI CISO Assistant

WEB-02

Use of Demilitarized Zones (DMZ)

Weight: 9/10

Description

Mechanisms exist to utilize a Demilitarized Zone (DMZ) to restrict inbound traffic to authorized Technology Assets, Applications and/or Services (TAAS) on certain services, protocols and ports.

Control Question

Does the organization utilize a Demilitarized Zone (DMZ) to restrict inbound traffic to authorized Technology Assets, Applications and/or Services (TAAS) on certain services, protocols and ports?

Control Metadata

Domain:

Web Security

Validation Cadence:

Annual

Have questions about this control?

Ask CISOBot for implementation guidance and best practices