NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
CM-1
CM-2
CM-11(1)
CM-2(2)
CM-2(3)
CM-2(1)
CM-2(4)
CM-2(6)
CM-2(7)
CM-3
CM-3(1)
CM-3(2)
CM-3(3)
CM-3(4)
CM-3(5)
CM-3(6)
CM-3(7)
CM-3(8)
CM-4
CM-4(1)
CM-4(2)
CM-5
CM-5(1)
CM-2(5)
CM-5(2)
CM-5(4)
CM-5(5)
CM-5(6)
CM-5(3)
CM-6
CM-6(1)
CM-6(2)
CM-5(7)
CM-6(3)
CM-7
CM-7(1)
CM-7(2)
CM-7(3)
CM-7(4)
CM-7(5)
CM-7(6)
CM-7(7)
CM-7(8)
CM-7(9)
CM-8
CM-8(1)
CM-8(2)
CM-8(3)
CM-8(4)
CM-6(4)
CM-8(6)
CM-8(7)
CM-8(8)
CM-8(9)
CM-9
CM-9(1)
CM-10
CM-10(1)
CM-11
CM-8(5)
CM-11(2)
CM-11(3)
CM-12
CM-12(1)
CM-13
CM-14

CM-7(7): Least Functionality | Code Execution in Protected Environments

Control Text:

Allow execution of binary or machine-executable code only in confined physical or virtual machine environments and with the explicit approval of [Assignment: organization-defined personnel or roles] when such code is: (a) Obtained from sources with limited or no warranty; and/or (b) Without the provision of source code.

Code execution in protected environments applies to all sources of binary or machine-executable code, including commercial software and firmware and open-source software.

Related Controls