← Back to catalog
CM-7(7)
Code Execution in Protected Environments
Configuration Management (CM)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description
Allow execution of binary or machine-executable code only in confined physical or virtual machine environments and with the explicit approval of [assignment] when such code is: Obtained from sources with limited or no warranty; and/or Without the provision of source code.
Discussion
Code execution in protected environments applies to all sources of binary or machine-executable code, including commercial software and firmware and open-source software.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.