CCI-003949
CCI-003949 Definition
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if [CM-07(06)_ODP; user-installed software required to be executed in a confined environment is defined] is required to be executed in a confined physical or virtual machine environment with limited privileges.
Validation Procedures
Examine: [SELECT FROM: Configuration management policy; procedures addressing least functionality in the system; configuration management plan; system design documentation; system configuration settings and associated documentation; list or record of software required to execute in a confined environment; system component inventory; common secure configuration checklists; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with responsibilities for identifying and/or managing user-installed software and associated privileges; organizational personnel with information security responsibilities; system/network administrators]. Test: [SELECT FROM: Organizational process for identifying user-installed software required to execute in a confined environment; mechanisms supporting and/or implementing the confinement of user-installed software to physical or virtual machine environments; mechanisms supporting and/or implementing privilege limitations on user-installed software].