Restrict the automatic creation of default virtual networks and related resources during subscription initialization to avoid insecure default configurations and enforce custom network policies.
Networking / VPC / Controls / DEV
Restrict Default Network Creation
CCC.VPC.CN01 · Networking
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.VPC.CP01 | Isolated Custom Network Creation | Ability to create a virtual network that is isolated from other users of the same public cloud. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.VPC.TH01 | Unauthorized Access via Insecure Default Networks | Default network configurations may include insecure settings and open firewall rules,leading to unauthorized access and potential data breaches. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.VPC.CN01.AR01 | When a subscription is created, the subscription MUST NOT contain default network resources. | tlp-amber, tlp-red |
Guideline Mappings
| Framework | ID | Remarks |
|---|---|---|
| NIST-CSF | PR.AC-5 | |
| CCM | TVM-02 | |
| ISO_27001 | 2013 A.12.3.1 | |
| NIST_800_53 | SC-7 |