πΌ CM-7 Least Functionality (L)(M)(H)
- Contextual name: πΌ CM-7 Least Functionality (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/cm/07 - Located in: πΌ Configuration Management
Descriptionβ
a. Configure the system to provide only [Assignment: organization-defined mission essential capabilities]; and
b. Prohibit or restrict the use of the following functions, ports, protocols, software, and/or services: [Assignment: organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services].
CM-7 Additional FedRAMP Requirements and Guidance:
(b) Requirement: The service provider shall use Security guidelines (See CM-6) to establish list of prohibited or restricted functions, ports, protocols, and/or services or establishes its own list of prohibited or restricted functions, ports, protocols, and/or services if STIGs or CIS is not available.
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/cm/07
- Internal
- ID:
dec-c-ff33d573
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ CM-7 Least Functionality (L)(M)(H) | 3 | 18 | 21 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CM-7(1) Periodic Review (M)(H) | 11 | |||
| πΌ CM-7(2) Prevent Program Execution (M)(H) | ||||
| πΌ CM-7(5) Authorized Software β Allow-by-exception (M)(H) |