Rule: VPC Default Security Group Restriction

This rule ensures the VPC default security group does not allow unrestricted inbound and outbound traffic.

Rule: VPC default security group should not allow inbound and outbound traffic
Framework: Federal Financial Institutions Examination Council (FFIEC)
Severity: Medium

Rule Description:

Under the Federal Financial Institutions Examination Council (FFIEC) framework, the VPC default security group should not allow inbound and outbound traffic. This rule aims to prevent unauthorized access and ensure compliance with security regulations for financial institutions.

Troubleshooting Steps:

  1. Identify the existing default security group attached to the VPC.
  2. Check if any inbound or outbound rules allow traffic to or from FFIEC.
  3. Verify the source and destination IP addresses or ranges for any existing rules.
  4. If any rule allows traffic for FFIEC, it needs to be addressed.

Necessary Codes:

No specific codes are required for this rule. However, one may need to use the AWS Command Line Interface (CLI) for remediation steps.

Remediation Steps:

  1. Open the AWS Management Console and navigate to the EC2 service.
  2. Select the "Security Groups" option from the left-hand menu.
  3. Look for the default security group associated with the VPC.
  4. Identify any inbound or outbound rules related to FFIEC.
  5. To remove an inbound rule:
     • Select the rule and click on the "Actions" button.
     • Choose the "Delete inbound rule" option.
     • Confirm the deletion.
  6. To remove an outbound rule:
     • Select the rule and click on the "Actions" button.
     • Choose the "Delete outbound rule" option.
     • Confirm the deletion.
  7. Repeat steps 5 and 6 for each rule related to FFIEC.
  8. After removing all affected rules, make sure to review the remaining inbound and outbound rules to ensure they comply with security requirements.
  9. Save the changes.

Please note that modifying the default security group may impact the connectivity of resources within your VPC. Ensure that you carefully analyze the impact before proceeding with the remediation steps.
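The check and remediation above can also be scripted. The following is an added example, not code from the original page or from Cloud Defense: it flags every default security group that still carries any inbound or outbound rule and revokes those rules through a boto3 EC2 client. The sample response, group IDs and function names are constructed for illustration, and the use of Python with boto3 is an assumption.

```python
"""Added example: flag default security groups that still carry rules."""

# Constructed sample shaped like the output of EC2 DescribeSecurityGroups
# (IDs are placeholders, not real resources).
SAMPLE_RESPONSE = {
    "SecurityGroups": [
        {   # default group as AWS creates it: self-referencing ingress, allow-all egress
            "GroupId": "sg-0aaa1111", "GroupName": "default", "VpcId": "vpc-0001",
            "IpPermissions": [{"IpProtocol": "-1",
                               "UserIdGroupPairs": [{"GroupId": "sg-0aaa1111"}]}],
            "IpPermissionsEgress": [{"IpProtocol": "-1",
                                     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
        },
        {   # default group already emptied: compliant
            "GroupId": "sg-0bbb2222", "GroupName": "default", "VpcId": "vpc-0002",
            "IpPermissions": [], "IpPermissionsEgress": [],
        },
        {   # non-default group: out of scope for this rule
            "GroupId": "sg-0ccc3333", "GroupName": "web", "VpcId": "vpc-0001",
            "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                               "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
            "IpPermissionsEgress": [],
        },
    ]
}


def find_violations(response):
    """Return one finding per default security group that has any rule."""
    findings = []
    for sg in response["SecurityGroups"]:
        if sg.get("GroupName") != "default":
            continue
        ingress = sg.get("IpPermissions", [])
        egress = sg.get("IpPermissionsEgress", [])
        if ingress or egress:
            findings.append({"GroupId": sg["GroupId"], "VpcId": sg.get("VpcId"),
                             "ingress": ingress, "egress": egress})
    return findings


def remediate(ec2, finding):
    """Revoke every rule in a finding; `ec2` is a boto3 EC2 client."""
    if finding["ingress"]:
        ec2.revoke_security_group_ingress(GroupId=finding["GroupId"],
                                          IpPermissions=finding["ingress"])
    if finding["egress"]:
        ec2.revoke_security_group_egress(GroupId=finding["GroupId"],
                                         IpPermissions=finding["egress"])
```

Against a live account, the input to find_violations would be the result of describe_security_groups on a boto3 EC2 client, and each finding should be reviewed for attached resources before remediate is called.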
