9.4: Restrict Unnecessary or Unauthorized Browser and Email Client Extensions

CSF v1.1 References:

PR.IP-1

PF v1.0 References:

PR.PO-P1

Threats Addressed:

Elevation of Privilege
Lateral Movement

Group:

Previous Version:

Critical Security Controls Version 7.1:
7.2: Disable Unnecessary or Unauthorized Browser or Email Client Plugins

Control Statement

Restrict, either through uninstalling or disabling, any unauthorized or unnecessary browser or email client plugins, extensions, and add-on applications.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]

Control Statement

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-53 Revision 4