
 Configuration Management (CM)

Configuration Settings CM-6

Overview: The organization: a. Establishes and documents configuration settings for information technology products employed within the information system using [Assignment: organization-defined security configuration checklists] that reflect the most...

Information System Component Inventory CM-8

Overview: The organization: a. Develops and documents an inventory of information system components that: 1. Accurately reflects the current information system; 2. Includes all components within the authorization boundary of the information system; 3. Is...

Least Functionality CM-7

Overview: The organization: a. Configures the information system to provide only essential capabilities; and b. Prohibits or restricts the use of the following functions, ports, protocols, and/or services: [Assignment: organization-defined prohibited or...

Limit Production and Operational Privileges CM-5(5)

Overview: The organization: (a) Limits privileges to change information system components and system-related information within a production or operational environment; and (b) Reviews and reevaluates privileges [Assignment: organization-defined...

No Duplicate Accounting of Components CM-8(5)

Overview: The organization verifies that all components within the authorization boundary of the information system are not duplicated in other information system inventories. Supplemental Guidance: This control enhancement addresses the potential...

Open Source Software CM-10(1)

Overview: The organization establishes the following restrictions on the use of open source software: [Assignment: organization-defined restrictions]. Supplemental Guidance: Open source software refers to software that is available in source code form....

Periodic Review CM-7(1)

Overview: The organization: (a) Reviews the information system [Assignment: organization-defined frequency] to identify unnecessary and/or nonsecure functions, ports, protocols, and services; and (b) Disables [Assignment: organization-defined functions,...

Prevent Program Execution CM-7(2)

Overview: The information system prevents program execution in accordance with [Selection (one or more): [Assignment: organization-defined policies regarding software program usage and restrictions]; rules authorizing the terms and conditions of...

Retention of Previous Configurations CM-2(3)

Overview: The organization retains [Assignment: organization-defined previous versions of baseline configurations of the information system] to support rollback. Supplemental Guidance: Retaining previous versions of baseline configurations to support...

Results 11 - 20 of 26