NIST SP 800-171 & CMMC 2.0 3.4.7 Requirement:
Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.
NIST SP 800-171 & CMMC 2.0 3.4.7 Requirement Explanation:
By uninstalling nonessential programs and disabling unused ports, protocols, and services you are reducing the attack surface your systems.
Example NIST SP 800-171 & CMMC 2.0 3.4.7 Implementation:
Using your software whitelist (addressed in CM.3.69) as a reference uninstall all nonessential software from your systems. If it doesn't have an approved business need and isn't on your software whitelist, uninstall it. Review your workstations, servers, network devices, and printers to determine which ports and services you can disable. Only leave essential ports and services open.
NIST SP 800-171 & CMMC 2.0 3.4.7 Scenario(s):
- Scenario 1:
You discover that many employees in your organization have iTunes installed on their Windows workstations. Because this is a nonessential program you have it uninstalled from all of your systems.
- Scenario 2:
You have a web server that has several nonessential ports open. You work with your system administrator to only leave the essential ports open.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.