12.3: Deny Communications With Known Malicious IP Addresses
The next version of the control set incorporates all or part of this control into: 9.2: Use DNS Filtering Services.
Control Statement
Deny communications with known malicious or unused Internet IP addresses and limit access only to trusted and necessary IP address ranges at each of the organization’s network boundaries,.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]