
Configure the .NET Framework to prevent unauthorized mobile code from executing.


CONTROL ID: 04531
CONTROL TYPE: Configuration
CLASSIFICATION: Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards. (CC ID: 02166)

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Mobile code shall be authorized before its installation and use, and the configuration shall ensure that the authorized mobile code operates according to a clearly defined security policy. (SA-15, The Cloud Security Alliance Controls Matrix, Version 1.3)
  • Prevent unauthorized mobile code from executing. (SA-15, The Cloud Security Alliance Controls Matrix, Version 1.3)
  • Mobile code is software code that is transferred from one computer to another computer and executes a specific function with little or no user interaction. Authorized mobile code should execute according to the security policy; unauthorized mobile code should be prevented from executing. (§ 10.4.2, ISO 27002 Code of practice for information security management, 2005)
  • The .NET Framework should be configured to prevent the execution of unauthorized mobile code if it has been installed on the system. (§ 5.10.1.1, DISA Windows Server 2003 Security Checklist, Version 6 Release 1.11)
  • The organization must disable the capability to automatically execute code on mobile devices absent user direction. (App F § AC-19.e, Recommended Security Controls for Federal Information Systems, NIST SP 800-53)