CM.L2-3.4.7 Nonessential Functionality

Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.

Source: NIST SP 800-171 Rev 2 3.4.7

Discussion: Restricting the use of nonessential software (programs) includes restricting the roles allowed to approve program execution; prohibiting auto-execute; program blacklisting and whitelisting; or restricting the number of program instances executed at the same time. The organization makes a security-based determination which functions, ports, protocols, and/or services are restricted. Bluetooth, File Transfer Protocol (FTP), and peer-to-peer networking are examples of protocols organizations consider preventing the use of, restricting, or disabling.

SPRS Score: 5
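
Example (added here, not part of the NIST or CMMC text): one way to check the ports, protocols, and services portion of this requirement is to compare a host's listening sockets against an approved baseline. The baseline entries, the prohibited list, and the sample `ss -tuln` output below are constructed assumptions; FTP is flagged because the discussion names it.

```python
import ipaddress

# Hypothetical approved baseline: (protocol, port) -> documented justification.
APPROVED = {("tcp", 22): "SSH administration", ("tcp", 443): "HTTPS application"}
# Listeners prohibited outright by the organization's determination (FTP control port).
PROHIBITED = {("tcp", 21): "FTP"}

# Constructed sample of `ss -tuln` output, embedded so the example runs offline.
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      32     0.0.0.0:21          0.0.0.0:*
tcp   LISTEN 0      128    [::]:443            [::]:*
tcp   LISTEN 0      244    127.0.0.1:5432      0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:5353        0.0.0.0:*
"""


def parse_listeners(ss_output):
    """Yield (proto, address, port) for each socket row of `ss -tuln` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header or unrelated row
        addr, _, port = fields[4].rpartition(":")
        if port.isdigit():
            yield fields[0], addr.strip("[]"), int(port)


def is_loopback(addr):
    """True when the socket is bound to a loopback address only."""
    try:
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:  # "*" or an unparsable value: treat as network-reachable
        return False


def audit(ss_output):
    """Return sorted (status, proto, port, exposure) findings for non-baseline listeners."""
    findings = set()
    for proto, addr, port in parse_listeners(ss_output):
        if (proto, port) in APPROVED:
            continue
        status = "prohibited" if (proto, port) in PROHIBITED else "unapproved"
        exposure = "loopback" if is_loopback(addr) else "network"
        findings.add((status, proto, port, exposure))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE_SS):
        print(*finding)
```

Loopback-only listeners are still reported, since the requirement covers nonessential functionality regardless of reachability; the exposure field only helps prioritize remediation.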