CISOBot - Your AI CISO Assistant

CFG-03

Least Functionality

Weight: 10/10

Description

Mechanisms exist to configure systems to provide only essential capabilities by specifically prohibiting or restricting the use of ports, protocols, and/or services.

Control Question

Does the organization configure systems to provide only essential capabilities by specifically prohibiting or restricting the use of ports, protocols, and/or services?

Control Metadata

Domain:

Configuration Management

Validation Cadence:

Annual

Evidence Request List:

E-AST-12 E-AST-13 E-AST-14 E-AST-15 E-AST-16 E-AST-17 E-AST-18 E-AST-19 E-AST-20 E-AST-21

Have questions about this control?

Ask CISOBot for implementation guidance and best practices