Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-222516 | APSC-DV-001480 | SV-222516r849454_rule | Medium |
Description |
---|
Control of application execution is a mechanism used to prevent execution of unauthorized applications in order to follow the rules of least privilege. Some applications may provide a capability that runs counter to the mission or provides users with functionality that exceeds mission requirements. Some of the functions and services, provided by default, may not be necessary to support essential organizational operations (e.g., key missions, functions). Removal of executable programs is not always possible; therefore, establishing a method of preventing program execution is critical to maintaining a secure system baseline. Software program restrictions include restricting execution of programs in certain environments, while preventing execution in other environments; or limiting execution of certain application functionality based on organization-defined criteria (e.g., privileges, subnets, sandboxed environments, security managers, roles). |
STIG | Date |
---|---|
Application Security and Development Security Technical Implementation Guide | 2022-09-21 |
Check Text ( C-24186r493456_chk ) |
---|
Review the application documentation and interview the application administrator to determine if policies, rules, or restrictions exist regarding application usage or terms which authorize the conditions of application use. If the policy, terms, or conditions state there are no usage restrictions, this requirement is not applicable. Interview the application administrator, review policy, terms, and conditions documents to determine what the terms and conditions of application usage are. Have the application administrator demonstrate how the program execution is restricted in accordance with the policy terms and conditions. Typical methods include but are not limited to the use of Windows Group Policy, AppLocker, Software Restriction Policies, Java Security Manager, and Role-Based Access Control (RBAC). If application requirements or policy documents specify application execution restriction requirements and the execution of the application or its subcomponents are not restricted in accordance with requirements or policy, this is a finding. |
Fix Text (F-24175r493457_fix) |
---|
Restrict application execution in accordance with the policy, terms, and conditions specified. |