CM-7(7) - Least Functionality | Code Execution in Protected Environments

Allow execution of binary or machine-executable code only in confined physical or virtual machine environments and with the explicit approval of [Assignment: organization-defined personnel or roles] when such code is: (a) Obtained from sources with limited or no warranty; and/or (b) Without the provision of source code.


Informational References

ISO 27001

ID: CM-7(7)
Enhancement of : CM-7

Countermeasures Covered by Control

ID Name Description D3FEND

Space Threats Tagged by Control

ID Description

Sample Requirements

Requirement Rationale/Additional Guidance/Notes

Related SPARTA Techniques and Sub-Techniques

ID Name Description