Back

Include installed custom software in the baseline configuration.


CONTROL ID
13274
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a configuration baseline based on the least functionality principle., CC ID: 00862

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Use standard, industry-recommended hardening configuration templates for application infrastructure components. This includes underlying servers, databases, and web servers, and applies to cloud containers, Platform as a Service (PaaS) components, and SaaS components. Do not allow in-house developed… (CIS Control 16: Safeguard 16.7 Use Standard Hardening Configuration Templates for Application Infrastructure, CIS Controls, V8)
  • Any custom software installed; (CIP-010-4 Table R1 Part 1.1 Requirements 1.1.3., North American Electric Reliability Corporation Critical Infrastructure Protection Standards Cyber Security - Configuration Change Management and Vulnerability Assessments CIP-010-4, Version 4)
  • Any custom software installed; (CIP-010-2 Table R1 Part 1.1 Requirements 1.1.3., North American Electric Reliability Corporation Critical Infrastructure Protection Standards Cyber Security - Configuration Change Management and Vulnerability CIP-010-2, Version 2)
  • Any custom software installed; (CIP-010-3 Table R1 Part 1.1 Requirements 1.1.3., North American Electric Reliability Corporation Critical Infrastructure Protection Standards Cyber Security - Configuration Change Management and Vulnerability CIP-010-3, Version 3)