800-53|CM-7(4)

Title

UNAUTHORIZED SOFTWARE / BLACKLISTING

Description

The organization:

Supplemental

The process used to identify software programs that are not authorized to execute on organizational information systems is commonly referred to as blacklisting. Organizations can implement CM-7(5) instead of this control enhancement if whitelisting (the stronger of the two policies) is the preferred approach for restricting software program execution.

Reference Item Details

Related: CM-6,CM-8,PM-5

Category: CONFIGURATION MANAGEMENT

Parent Title: LEAST FUNCTIONALITY

Family: CONFIGURATION MANAGEMENT

Baseline Impact: MODERATE

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.19 Disable AutomountingUnixCIS Aliyun Linux 2 L1 v1.0.0
1.1.21 Disable AutomountingUnixCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0
1.1.21 Disable AutomountingUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.23 Disable AutomountingUnixCIS Ubuntu Linux 18.04 LTS Workstation L2 v2.1.0
1.1.23 Disable AutomountingUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
1.5 Remove all non-essential services from the host - running processesUnixCIS Docker 1.6 v1.0.0 L1 Linux
1.5.3 Ensure prelink is disabledUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
1.5.3 Ensure prelink is disabledUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
1.5.4 Ensure prelink is disabledUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.5.4 Ensure prelink is disabledUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.5.5 Ensure kernel core dumps are disabled.UnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.8.1 Ensure GNOME Display Manager is removedUnixCIS Ubuntu Linux 18.04 LTS Server L2 v2.1.0
2.1.2 Ensure X Window System is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.3 Ensure Avahi Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.3 Ensure Avahi Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.4 Ensure CUPS is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L2 v2.1.0
2.1.4 Ensure CUPS is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.5 Ensure DHCP Server is not installed - isc-dhcp-serverUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.5 Ensure DHCP Server is not installed - isc-dhcp-serverUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.6 Ensure LDAP server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.6 Ensure LDAP server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.7 Ensure NFS is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.7 Ensure NFS is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.8 Ensure DNS Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.8 Ensure DNS Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.9 Ensure FTP Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.9 Ensure FTP Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.10 Ensure HTTP server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.10 Ensure HTTP server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.11 Ensure IMAP and POP3 server are not installed - dovecot-imapdUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.11 Ensure IMAP and POP3 server are not installed - dovecot-imapdUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.11 Ensure IMAP and POP3 server are not installed - dovecot-pop3dUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.11 Ensure IMAP and POP3 server are not installed - dovecot-pop3dUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.11 Ensure openbsd-inetd is not installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.1.11 Ensure openbsd-inetd is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.1.12 Ensure Samba is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.12 Ensure Samba is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.13 Ensure HTTP Proxy Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.13 Ensure HTTP Proxy Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.14 Ensure SNMP Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.14 Ensure SNMP Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.16 Ensure rsync service is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.16 Ensure rsync service is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.1.17 Ensure NIS Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.1.17 Ensure NIS Server is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.2.1 Ensure NIS Client is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.2.1 Ensure NIS Client is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.2.2 Ensure rsh client is not installedUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
2.2.2 Ensure rsh client is not installedUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
2.2.2 Ensure X Window System is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0