Fedramp system Security Plan (ssp) High Baseline Template


CM-7 Least Functionality (L) (M) (H)



Download 1.2 Mb.
Page169/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   165   166   167   168   169   170   171   172   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

CM-7 Least Functionality (L) (M) (H)


The organization:

  1. Configures the information system to provide only essential capabilities; and

  2. Prohibits or restricts the use of the following functions, ports, protocols, and/or services [FedRAMP Assignment: United States Government Configuration Baseline (USGCB)]

CM-7 Additional FedRAMP Requirements and Guidance:

Requirement: The service provider shall use the Center for Internet Security guidelines (Level 1) to establish list of prohibited or restricted functions, ports, protocols, and/or services or establishes its own list of prohibited or restricted functions, ports, protocols, and/or services if USGCB is not available. If no recognized USGCB is available for the technology in use, the CSP should create their own baseline and include a justification statement as to how they came up with the baseline configuration settings.

Guidance: Information on the USGCB checklists can be found at: https://csrc.nist.gov/Projects/United-States-Government-Configuration-Baseline

Partially derived from AC-17 (8).



CM-7


Download 1.2 Mb.

Share with your friends:
1   ...   165   166   167   168   169   170   171   172   ...   478



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy