infrastructure

Firewall rules reviewed

Firewall configurations reviewed quarterly and after changes.

PassingCritical RiskManual

Owner

Infrastructure Team

Last Tested

10/6/2025

Test Frequency

Quarterly

Maturity Level

Level 4 / 5

Framework Mappings

SOC 2 Type II

CC6.1: Logical and Physical Access Controls

Evidence (1)

Firewall default disallows traffic

This test verifies that AWS firewall configurations (Security Groups and Network ACLs) default to denying inbound traffic, a behavior inherent to AWS infrastructure. It ensures that unless traffic is explicitly permitted, it will be blocked by default.

READY FOR AUDIT

INFRASTRUCTURE•TEST

Related Policies

No policies linked yet.

Control Information

Control ID: firewall-rules-reviewed
Category: INFRASTRUCTURE
Family: infrastructure
Last Updated: 10/6/2025