CMMC Control CM.3.069 Details

Control Identifier: CM.3.069

Control CMMC Level: 3

Capability Domain: Configuration Management (CM)

Control Description:

Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permitby- exception (whitelisting) policy to allow the execution of authorized software.

Control References:

• - NIST SP 800-171 Rev 1 3.4.8
• - CIS Controls v7.1 2.1, 2.2, 2.6, 2.7, 2.8, 2.9
• - NIST CSF v1.1 PR.PT-3
• - CERT RMM v1.2 TM:SG2.SP2
• - NIST SP 800-53 Rev 4 CM-7(4), CM-7(5)
• - UK NCSC Cyber Essentials

  RETURN TO LIST      LEARN MORE ABOUT CMMC

  RETURN TO LIST

  LEARN MORE ABOUT CMMC