💼 CM-7 LEAST FUNCTIONALITY

Contextual name: 💼 CM-7 LEAST FUNCTIONALITY
ID: /frameworks/nist-sp-800-53-r4/cm/07
Located in: 💼 CM CONFIGURATION MANAGEMENT

Description

The organization: CM-7a. Configures the information system to provide only essential capabilities; and CM-7b. Prohibits or restricts the use of the following functions, ports, protocols, and/or services: [Assignment: organization-defined prohibited or restricted functions, ports, protocols, and/or services].

Similar

Internal
- ID: dec-c-69a5caa2

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)		4	14
💼 NIST CSF v1.1 → 💼 PR.PT-3: The principle of least functionality is incorporated by configuring systems to provide only essential capabilities		21	25

Sub Sections

Section	Internal Rules	Policies
💼 CM-7 (1) PERIODIC REVIEW	3	4
💼 CM-7 (2) PREVENT PROGRAM EXECUTION
💼 CM-7 (3) REGISTRATION COMPLIANCE
💼 CM-7 (4) UNAUTHORIZED SOFTWARE _ BLACKLISTING
💼 CM-7 (5) AUTHORIZED SOFTWARE _ WHITELISTING

Policies (5)

Policy	Logic Count	Flags
📝 AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟢	1	🟢 x6
📝 AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟢	1	🟢 x6
📝 AWS S3 Bucket is not configured to block public access 🟢	1	🟢 x6
📝 AWS S3 Bucket Policy is not set to deny HTTP requests 🟢	1	🟢 x6
📝 Azure Cosmos DB Account Virtual Network Filter is not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-46a83a30	1
✉️ dec-x-bcae85fb	2
✉️ dec-x-d5fbfc40	1
✉️ dec-x-ec547a7c	1

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (5)​

Internal Rules​