Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers.
Check
Verify Amazon Linux 2023 disables the file system automount function with the following command:
$ sudo systemctl is-enabled autofs

masked
If the returned value is not "masked", "disabled", "Failed to get unit file state for autofs.service for autofs", or "enabled", and is not documented as an operational requirement with the information system security officer (ISSO), this is a finding.
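The check above can be scripted so the result is recorded the same way on every host. The following is an added example, not part of the original check text. It applies the rule exactly as worded above. The function names, the "yes"/"no" documentation flag, and the prefix match on the "Failed to get unit file state" message are assumptions of this example.

```shell
#!/bin/sh
# Added example: evaluate the autofs check as worded in the check text.

# autofs_finding STATE [DOCUMENTED]
#   STATE      - text returned by `systemctl is-enabled autofs`
#   DOCUMENTED - "yes" if an operational requirement is documented with the ISSO
# Prints "not_a_finding" or "finding".
autofs_finding() {
    state=$1
    documented=${2:-no}
    case $state in
        masked|disabled|enabled)
            echo not_a_finding ;;
        # Assumption: match on the prefix, because the text after the unit
        # name in this message can differ from the string quoted in the check.
        "Failed to get unit file state for autofs.service"*)
            echo not_a_finding ;;
        *)
            # Any other value (for example "static") needs ISSO documentation.
            if [ "$documented" = yes ]; then
                echo not_a_finding
            else
                echo finding
            fi ;;
    esac
}

# autofs_state: capture the first line systemctl reports for autofs.
# The "Failed to get unit file state" message goes to stderr, and
# is-enabled exits non-zero for masked/disabled, so merge the streams
# and do not rely on the exit status.
autofs_state() {
    LC_ALL=C systemctl is-enabled autofs 2>&1 | head -n 1
}

# audit_autofs [DOCUMENTED]: print the evidence line; return 0 if not a finding.
audit_autofs() {
    state=$(autofs_state)
    result=$(autofs_finding "$state" "${1:-no}")
    printf 'autofs state: %s -> %s\n' "$state" "$result"
    [ "$result" = not_a_finding ]
}
```

Run `audit_autofs` on the host being assessed, or `audit_autofs yes` when the ISSO has documented an operational requirement for autofs.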
Fix
Configure Amazon Linux 2023 to disable the ability to automount devices.
The autofs service can be disabled with the following command: