An inactive interface is rarely monitored or controlled and may expose a network to an undetected attack on that interface. Unauthorized personnel with access to the communication facility could gain access to a router by connecting to a configured interface that is not in use. If an interface is no longer used, the configuration must be deleted and the interface disabled. For sub-interfaces, delete sub-interfaces that are on inactive interfaces and delete sub-interfaces that are themselves inactive. If the sub-interface is no longer necessary for authorized communications, it must be deleted. This requirement also applies to Zero Trust initiatives.
Review the router configuration. If an interface is not being used but is configured or enabled, this is a finding.
Delete inactive sub-interfaces and disable and delete the configuration of any inactive ports on the router.