CCI-001767

CCI-001767 Definition

Employ an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the system.

Status
Type	CheckType.technical

Within the DoD, this control cannot be implemented.

Within the DoD, this control cannot be implemented.

1.) Signed and dated system security plan (SSP)

The controls below (if any) were marked by NIST as being related to CCI-001767.

Control	Description
CM-7(4)	The organization: (a): Identifies [organization-defined software programs not authorized to execute on the information system]; (b): Employs an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system; and (c): Reviews and updates the list of unauthorized software programs [organization-defined frequency].