Navigate

CCI-001762

CCI-001762 Definition

The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed must disable functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure as defined in CM-7 (1), CCI 1761.

Validation Procedures

The organization conducting the inspection/assessment inspects the information system to ensure the organization being inspected/assessed disables functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure as defined in CM-7 (1), CCI 1761.

Compelling Evidence

1.) Approved ports, protocols, and/or services list 2.) Audit trail of ports, protocols, and/or services scan and/or review

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001762.

Control	Description
CM-7 (1)	The organization: CM-7 (1)(a): Reviews the information system [Assignment: organization-defined frequency] to identify unnecessary and/or nonsecure functions, ports, protocols, and services; and CM-7 (1)(b): Disables [Assignment: organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure].