control_freak | Controls | CM-07(04) - Unauthorized Software

(a) Identify cm-07.04_odp.01;

(b) Employ an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the system; and

Parameter ID	Definition
cm-07.04_odp.01	software programs
cm-07.04_odp.02	frequency

Baselines

Guidance

Unauthorized software programs can be limited to specific versions or from a specific source. The concept of prohibiting the execution of unauthorized software may also be applied to user actions, system ports and protocols, IP addresses/ranges, websites, and MAC addresses.

Related controls 5

CM-06 Configuration Settings L M H P
CM-08 System Component Inventory L M H P
CM-10 Software Usage Restrictions L M H P
PL-09 Central Management L M H P
PM-05 System Inventory L M H P

CM-07(04) Unauthorized Software — Deny-by-exception

Baselines

Guidance

Related controls 5