Detections
Analytics

800-53|CM-7(4)

Title

UNAUTHORIZED SOFTWARE / BLACKLISTING

Description

The organization:

Supplemental

The process used to identify software programs that are not authorized to execute on organizational information systems is commonly referred to as blacklisting. Organizations can implement CM-7(5) instead of this control enhancement if whitelisting (the stronger of the two policies) is the preferred approach for restricting software program execution.

Reference Item Details

Related: CM-6,CM-8,PM-5

Category: CONFIGURATION MANAGEMENT

Parent Title: LEAST FUNCTIONALITY

Family: CONFIGURATION MANAGEMENT

Baseline Impact: MODERATE

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.19 Disable AutomountingUnixCIS Aliyun Linux 2 L1 v1.0.0
1.1.21 Disable AutomountingUnixCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0
1.1.21 Disable AutomountingUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.2.4.10 Configure 'Turn off the Store application'WindowsCIS Windows 8 L1 v1.0.0
1.5 Remove all non-essential services from the host - running processesUnixCIS Docker 1.6 v1.0.0 L1 Linux
1.5.4 Ensure prelink is disabledUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.5.4 Ensure prelink is disabledUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.11 Do not root your deviceMDMMobileIron - CIS Google Android v1.3.0 L1
1.12 Do not root your deviceMDMMobileIron - CIS Google Android 7 v1.0.0 L1
1.36 WN16-00-000390WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.36 WN16-00-000390WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.36 WN19-00-000360WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.36 WN19-00-000360WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.36 WN22-00-000360WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.36 WN22-00-000360WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.37 WN16-00-000400WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.37 WN16-00-000400WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.37 WN19-00-000370WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.37 WN19-00-000370WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.37 WN22-00-000370WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.37 WN22-00-000370WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.38 WN16-00-000410WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.38 WN16-00-000410WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.38 WN19-00-000380WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.38 WN19-00-000380WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.38 WN22-00-000380WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.38 WN22-00-000380WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.41 WN16-00-000420WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.41 WN16-00-000420WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.41 WN19-00-000410WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.41 WN19-00-000410WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.41 WN22-00-000410WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.41 WN22-00-000410WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
2.1.11 Ensure openbsd-inetd is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.1.11 Ensure openbsd-inetd is not installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.2.2 Ensure X Window System is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.3.1 Ensure NIS Client is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.3.1 Ensure NIS Client is not installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.3.2 Ensure rsh client is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.3.2 Ensure rsh client is not installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.3.2 Ensure rsh client is not installed - 'rsh-client'UnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.3.2 Ensure rsh client is not installed - 'rsh-client'UnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.3.3 Ensure talk client is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.3.3 Ensure talk client is not installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.3.4 Ensure telnet client is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.3.4 Ensure telnet client is not installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.3.5 Ensure LDAP client is not installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.3.5 Ensure LDAP client is not installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
2.5.2 Enable GatekeeperUnixCIS Apple macOS 10.13 L1 v1.1.0
2.6.2 Enable GatekeeperUnixCIS Apple macOS 10.12 L1 v1.2.0