Through NSA and CISA Red and Blue team assessments, as well as through the activities of NSA and CISA Hunt and Incident Response teams, the agencies identified the following 10 most common network misconfigurations:
1) Default configurations of software and applications
2) Improper separation of user/administrator privilege
3) Insufficient internal network monitoring
4) Lack of network segmentation
5) Poor patch management
6) Bypass of system access controls
7) Weak or misconfigured multifactor authentication (MFA) methods
8) Insufficient access control lists (ACLs) on network shares and services
9) Poor credential hygiene
10) Unrestricted code execution
Facebook
Twitter
LinkedIn
