IVS-07: OS Hardening and Base Controls

Control Family:

Infrastructure & Virtualization Security

CSF v1.1 References:

PR.IP-1
PR.PT-3

PF v1.0 References:

PR.PO-P1
PR.PT-P2

Threats Addressed:

Tampering
Elevation of Privilege
Lateral Movement

Control Statement

Each operating system shall be hardened to provide only necessary ports, protocols, and services to meet business needs and have in place supporting technical controls such as: antivirus, file integrity monitoring, and logging as part of their baseline operating build standard or template.

Control Statement

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-53 Revision 4