Back

Configure the "Windows Firewall: Public: Allow unicast response" to organizational standards.


CONTROL ID
07873
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure network protection settings to organizational standards., CC ID: 07601

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (E58F7B1A-F57F-46AB-A8D2-1A1EB7095A4A, Win7SP1 Computer Security Compliance, 1.0)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (E0CF4096-A6E6-463C-8A5A-307E8E9F78DB, Win8 Computer Security Compliance, 1.0)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (F9E6F775-6E80-46E7-A7A1-5E1BB1F5649D, WinVistaSP2 Computer Security Compliance, 1.0)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (886B2F3A-CF10-41FC-9227-DA2352900725, WS2008R2SP1 Domain Controller Security Compliance, 1.1)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (23D86C72-180A-4F3F-B409-D896AE0FA96D, WS2008R2SP1 Member Server Security Compliance, 1.1)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "Not Defined". (5E503AA5-B3BC-4F3E-A5C6-FB6D8D21B992, WS2008SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (94A0ED5A-0F00-42C3-B064-EA0FC9F0A71E, WS2008SP2 Member Server Security Compliance, 1.0)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (E2281A2F-DAC3-4E0F-9EBE-2235B461B0A6, WS2012 Domain Controller Security Compliance, 1.0)
  • Configure the "Windows Firewall: Public: Allow unicast response" setting to "No". (A86A7A50-504A-4F89-8F78-2FB776DB74C6, WS2012 Member Server Security Compliance, 1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.3.1.1.2.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.3.1.1.2.6.2_, The Center for Internet Security Microsoft Windows 7 Level 1 + BitLocker Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.3.1.1.2.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.3.1.1.2.6.1_, The Center for Internet Security Microsoft Windows 7 Level 1 + BitLocker Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.3.1.1.2.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.3.1.1.2.6.1_, The Center for Internet Security Microsoft Windows 7 Level 1 Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.3.1.1.2.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.3.1.1.2.6.2_, The Center for Internet Security Microsoft Windows 7 Level 1 Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.3.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.3.6.2_, The Center for Internet Security Microsoft Windows 8 Level 1 + BitLocker Benchmark, 1.0.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.3.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.3.6.1_, The Center for Internet Security Microsoft Windows 8 Level 1 + BitLocker Benchmark, 1.0.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.3.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.3.6.1_, The Center for Internet Security Microsoft Windows 8 Level 1 Benchmark, 1.0.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.3.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.3.6.2_, The Center for Internet Security Microsoft Windows 8 Level 1 Benchmark, 1.0.0)
  • Title: Configure 'Windows Firewall: Public: Allow unicast response' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast mes… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.8_Configure_Windows_Firewall_Public_Allow_unicast_response Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.8.1_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Configure 'Windows Firewall: Public: Allow unicast response' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast mes… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.8_Configure_Windows_Firewall_Public_Allow_unicast_response Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.8.2_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.6.1_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.6_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.6.2_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.4_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.4.1_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.4_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.4.2_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.4_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.4.1_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. Rationale: An attacker could respond to broadcast or multicast m… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.4.1.1.3.4_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.4.1.1.3.4.2_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.1.2_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.1.2.2_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Domain Controller Benchmark, 1.0.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.1.2_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.1.2.1_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Domain Controller Benchmark, 1.0.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.1.2_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.1.2.2_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Member Server Benchmark, 1.0.0)
  • Title: Set 'Windows Firewall: Public: Allow unicast response' to 'No' Description: This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. The recommended state for this setting is: No. Rationale: An att… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.5.1.2_Set_Windows_Firewall_Public_Allow_unicast_response_to_No Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.5.1.2.1_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Member Server Benchmark, 1.0.0)
  • Unicast response to multicast or broadcast requests should be enabled or disabled as appropriate for the Public Profile. Technical Mechanisms: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Windows Firewall with Advanced Security\Windows F… (CCE-10873-8, Common Configuration Enumeration List, Combined XML: Microsoft Windows Server 2008 R2, 5.20130214)