12.3: Deny Communications With Known Malicious IP Addresses

CSF v1.1 References:

PF v1.0 References:


Info icon.

The next version of the control set incorporates all or part of this control into: 9.2: Use DNS Filtering Services.

Control Statement

Deny communications with known malicious or unused Internet IP addresses and limit access only to trusted and necessary IP address ranges at each of the organization’s network boundaries,.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]