Navigate

CCI-000382

CCI-000382 Definition

The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed configures the information system to prohibit or restrict the use of functions, ports, protocols, and/or services IAW DoDI 8551.01. DoD has defined the information system prohibited or restricted functions, ports, protocols, and/or services as IAW DoDI 8551.01.

Validation Procedures

The organization conducting the inspection/assessment inspects the information system to ensure the organization being inspected/assessed prohibits or restricts the use of functions, ports, protocols, and/or services IAW DoDI 8551.01. DoD has defined the information system prohibited or restricted functions, ports, protocols, and/or services as IAW DoDI 8551.01.

Compelling Evidence

1.) Approved ports, protocols, and/or services list

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000382.

Control	Description
CM-7	The organization: CM-7a.: Configures the information system to provide only essential capabilities; and CM-7b.: Prohibits or restricts the use of the following functions, ports, protocols, and/or services: [Assignment: organization-defined prohibited or restricted functions, ports, protocols, and/or services].