Azure_VirtualNetworks_31
DNS is considered a protocol that should only be exposed in private networks, for a limited scope, allowing access to only applications and services that requires access. Limiting access is a good practice that prevents exploits through public interfaces or east west lateral movement.
Limit the access scope for Prevalent known internal port to only allow access in internal networks and limited scope.
If a public interface exists, remove it and limit the access scope within the VNET only to applications or instances that require access. See https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview.
“Want to Know More?
Learn how our partners are managing their cloud security and compliance with Cloudlytics.
I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.