CCI-002731
CCI-002731 Definition
The organization requires that organization-defined user-installed software execute in a confined physical or virtual machine environment with limited privileges.
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed requires that user-installed software defined in SI-7 (11), CCI 2730 execute in a confined physical or virtual machine environment with limited privileges.
Validation Procedures
The organization conducting the inspection/assessment examines the information system to ensure that software defined in SI-7 (11), CCI 2730 executes in a confined physical or virtual machine environment with limited privileges.
Compelling Evidence
1.) Signed and dated System security plan. 2.) Software documentation defined in SI-7 (11), CCI 2730 executes in a confined physical or virtual machine environment with limited privileges.