CCI-002823

Defines the controls to be implemented to protect the system memory from unauthorized code execution.

Implementation Guidance

The organization being inspected/assessed defines and documents the security safeguards to be implemented to protect the information system's memory from unauthorized code execution. DoD has determined the security safeguards are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented security safeguards to ensure the organization being inspected/assessed defines the security safeguards to be implemented to protect the information system's memory from unauthorized code execution. DoD has determined the security safeguards are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated System security plan defines security safeguards to protect information system against unauthorized code execution. 2.) Protection software configuration is configured to block and report on unauthorized code execution attempts.

The controls below (if any) were marked by NIST as being related to CCI-002823.