Finding assets that allow communication

You can find assets that allow communication from the Internet.

About this task

IBM QRadar Risk Manager evaluates the question and displays the results of any internal assets that allow inbound connections from the Internet. Security professionals, administrators, or auditors in your network can approve communications to assets that don't represent risk in your network. As more events are generated, you can create offenses in IBM QRadar SIEM to monitor this type of risky communication.

Procedure

  1. Click the Risks tab.
  2. On the navigation menu, click Policy Monitor.
  3. From the Group list, select PCI 10.
  4. Select the test question Assess any inbound connections from the internet to anywhere on the internal network.
  5. Click Submit Question.