Configuration Management

Level N/A

Mechanisms exist to allow baseline controls to be specialized or customized by applying a defined set of tailoring actions that are specific to: ▪ Mission / business functions; ▪ Operational environment; ▪ Specific threats or vulnerabilities; or ▪ Other conditions or situations that could affect mission / business success.

Login

Configuration Management

Mechanisms exist to configure systems to provide only essential capabilities by specifically prohibiting or restricting the use of ports, protocols, and/or services.

Login

Configuration Management

Level N/A

Mechanisms exist to periodically review system configurations to identify and disable unnecessary and/or non-secure functions, ports, protocols and services.

Login

Configuration Management

Mechanisms exist to configure systems to prevent the execution of unauthorized software programs.

Login

Configuration Management

Mechanisms exist to whitelist or blacklist applications in an order to limit what is authorized to execute on systems.

Login

Configuration Management

Level N/A

Mechanisms exist to prevent split tunneling for remote devices unless the split tunnel is securely provisioned using organization-defined safeguards.

Login

Configuration Management

Mechanisms exist to enforce software usage restrictions to comply with applicable contract agreements and copyright laws.

Login

Configuration Management

Mechanisms exist to establish parameters for the secure use of open source software.

Login

Configuration Management

Mechanisms exist to allow only approved Internet browsers and email clients to run on systems.

Login

Configuration Management

Mechanisms exist to restrict the ability of non-privileged users to install unauthorized software.

Login