Protect audit information and audit logging tools from unauthorized access, modification, and deletion.
Limit management of audit logging functionality to a subset of privileged users.
Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.
Establish and enforce security configuration settings for information technology products employed in organizational systems.
Track, review, approve or disapprove, and log changes to organizational systems.
Analyze the security impact of changes prior to implementation.
Define, document, approve, and enforce physical and logical access restrictions associated with changes to organizational systems.
Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities.
Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.
Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permit-by-exception (whitelisting) policy to allow the execution of authorized software.
Passcode