πΌ CM-7 Least Functionality (L)(M)(H)
- Contextual name: πΌ CM-7 Least Functionality (L)(M)(H)
- ID:
/frameworks/fedramp-high-security-controls/cm/07 - Located in: πΌ Configuration Management
Descriptionβ
a. Configure the system to provide only [Assignment: organization-defined mission essential capabilities]; and
b. Prohibit or restrict the use of the following functions, ports, protocols, software, and/or services: [Assignment: organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services].
CM-7 Additional FedRAMP Requirements and Guidance:
(b) Requirement: The service provider shall use Security guidelines (See CM-6) to establish list of prohibited or restricted functions, ports, protocols, and/or services or establishes its own list of prohibited or restricted functions, ports, protocols, and/or services if STIGs or CIS is not available.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/cm/07
- Internal
- ID:
dec-c-ff33d573
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ CM-7 Least Functionality | 9 | 11 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Low Security Controls β πΌ CM-7 Least Functionality (L)(M)(H) | 18 | |||
| πΌ FedRAMP Moderate Security Controls β πΌ CM-7 Least Functionality (L)(M)(H) | 3 | 21 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CM-7(1) Periodic Review (M)(H) | 11 | 11 | ||
| πΌ CM-7(2) Prevent Program Execution (M)(H) | ||||
| πΌ CM-7(5) Authorized Software β Allow-by-exception (M)(H) |
Policies (18)β
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-4c15a09f | 1 | |
| βοΈ dec-x-599c86b4 | 1 | |
| βοΈ dec-x-879aa996 | 1 | |
| βοΈ dec-x-215302da | 1 | |
| βοΈ dec-x-a20e54a0 | 1 | |
| βοΈ dec-x-e43fd12e | 1 | |
| βοΈ dec-x-f82b9849 | 1 |