NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
CM-1
CM-2
CM-11(1)
CM-2(2)
CM-2(3)
CM-2(1)
CM-2(4)
CM-2(6)
CM-2(7)
CM-3
CM-3(1)
CM-3(2)
CM-3(3)
CM-3(4)
CM-3(5)
CM-3(6)
CM-3(7)
CM-3(8)
CM-4
CM-4(1)
CM-4(2)
CM-5
CM-5(1)
CM-2(5)
CM-5(2)
CM-5(4)
CM-5(5)
CM-5(6)
CM-5(3)
CM-6
CM-6(1)
CM-6(2)
CM-5(7)
CM-6(3)
CM-7
CM-7(1)
CM-7(2)
CM-7(3)
CM-7(4)
CM-7(5)
CM-7(6)
CM-7(7)
CM-7(8)
CM-7(9)
CM-8
CM-8(1)
CM-8(2)
CM-8(3)
CM-8(4)
CM-6(4)
CM-8(6)
CM-8(7)
CM-8(8)
CM-8(9)
CM-9
CM-9(1)
CM-10
CM-10(1)
CM-11
CM-8(5)
CM-11(2)
CM-11(3)
CM-12
CM-12(1)
CM-13
CM-14

CM-7(6): Least Functionality | Confined Environments with Limited Privileges

Control Text:

Require that the following user-installed software execute in a confined physical or virtual machine environment with limited privileges: [Assignment: organization-defined user-installed software].

Organizations identify software that may be of concern regarding its origin or potential for containing malicious code. For this type of software, user installations occur in confined environments of operation to limit or contain damage from malicious code that may be executed.

Related Controls