800-53|CM-11(1)

Title

ALERTS FOR UNAUTHORIZED INSTALLATIONS

Description

The information system alerts [Assignment: organization-defined personnel or roles] when the unauthorized installation of software is detected.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: CA-7,SI-4

Category: CONFIGURATION MANAGEMENT

Parent Title: USER-INSTALLED SOFTWARE

Family: CONFIGURATION MANAGEMENT

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
5.241 - IE security prompt is enabled for web-based installations.	Windows	DISA Windows 7 STIG v1r32
5.241 - Users will be notified if a web-based program attempts to install software.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
5.241 - Users will be notified if a web-based program attempts to install software.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33
5.241 - Windows Installer - IE Security Prompt	Windows	DISA Windows Server 2008 DC STIG v6r47
5.241 - Windows Installer - IE Security Prompt	Windows	DISA Windows Server 2008 MS STIG v6r46
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows Server 2012 MS L2 v2.1.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows Server 2012 DC L2 v2.1.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 2 + Bitlocker v3.1.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 2 v3.2.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.1.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows Server 2012 R2 MS L2 v2.4.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 MS L2 v1.2.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows Server 2016 DC L2 v1.2.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 L2 Bitlocker v2.3.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 L2 v2.3.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows Server 2012 R2 DC L2 v2.4.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.1.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.1.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.1.0
18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 2 v3.1.0
18.9.86.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows Server 2012 R2 DC L2 v2.5.0
18.9.86.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	Windows	CIS Windows Server 2012 R2 MS L2 v2.5.0
DKER-EE-003460 - The Docker Enterprise log aggregation/SIEM systems must be configured to send an alert the ISSO/ISSM when unauthorized software is installed.	Unix	DISA STIG Docker Enterprise 2.x Linux/Unix v2r1
WN08-CC-000117 - Users must be notified if a web-based program attempts to install software.	Windows	DISA Windows 8/8.1 STIG v1r23
WN16-CC-000470 - Users must be notified if a web-based program attempts to install software.	Windows	DISA Windows Server 2016 STIG v2r3
WN16-CC-000470 - Users must be notified if a web-based program attempts to install software.	Windows	DISA Windows Server 2016 STIG v2r2
WN19-CC-000440 - Windows Server 2019 users must be notified if a web-based program attempts to install software.	Windows	DISA Windows Server 2019 STIG v2r2
WN19-CC-000440 - Windows Server 2019 users must be notified if a web-based program attempts to install software.	Windows	DISA Windows Server 2019 STIG v2r3

Detections

Analytics

800-53|CM-11(1)

Title

Description

Reference Item Details

Audit Items