ZoneManagement

Purpose

A ZoneManagement object is used to represent that there is a standard procedure or similar routines in place taking care of for instance regular patching, scanning for services and enforcing high quality passwords.

Object

Connection

Description

Function

Network

Management Status

A connection to a Network indicated that there are some maintenance routines regarding security that are practiced on that part of the Network which applies to all Hosts on the Network.

A Zone Management on a Network decreases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability.

Attack Steps and Defenses

Attack Step

Description

None

There are no attack steps associated with the ZoneManagement object.

Defense

Description

Impact

Default

AntiMalwarePolicy

Antimalware software is an effective way to detect, remove and deter malware attacks. This defense denotes the presence of a domain policy regarding the use of antimalware.

Reduces the risk of compromising clients, services, and hosts.

On

ChangeControl

Change control management is a critical procedure to ensure that interconnection between systems are maintained and secured. Such procedures increase the possibility of finding vulnerabilities which then can be mitigated.

Reduces the risk of finding an UnknownService on a Host.

On

HostFirewall

A Host level (or personal) firewall aims to block or allow certain services and data flows between hosts on the same Network e.g. the Windows firewall. This defense denotes the presence of Host firewalls across the Network.

Reduces the risk of finding an UnknownService on a Host.

Off

PatchManagement

Patches are developed and distributed by vendors to patch software with known bugs or vulnerabilities. This defense denotes the presence of automatic patching mechanisms on the network, e.g. enabling Windows Update.

Reduces the risk offinding an UnknownService on a Host.

On


What’s Next