SI-7(13)
SI-7(13): Code Execution in Protected Environments
The organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only in confined physical or virtual machine environments and with the explicit approval of [organization-defined personnel or roles].
Supplemental
This control enhancement applies to all sources of binary or machine-executable code including, for example, commercial software/firmware and open source software.
CIA Levels | |
---|---|
Confidentiality | unknown |
Integrity | unknown |
Availability | unknown |
Overlays |
---|
None |
CSF Categories |
---|
None |