800-53|SC-34

Title

NON-MODIFIABLE EXECUTABLE PROGRAMS

Description

The information system at [Assignment: organization-defined information system components]:

Supplemental

The term operating environment is defined as the specific code that hosts applications, for example, operating systems, executives, or monitors including virtual machine monitors (i.e., hypervisors). It can also include certain applications running directly on hardware platforms. Hardware-enforced, read-only media include, for example, Compact Disk-Recordable (CD-R)/Digital Video Disk-Recordable (DVD-R) disk drives and one-time programmable read-only memory. The use of non-modifiable storage ensures the integrity of software from the point of creation of the read-only image. The use of reprogrammable read-only memory can be accepted as read-only media provided: (i) integrity can be adequately protected from the point of initial writing to the insertion of the memory into the information system; and (ii) there are reliable hardware protections against reprogramming the memory while installed in organizational information systems.

Reference Item Details

Related: AC-3,SI-7

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Priority: P0

Audit Items

View all Reference Audit Items

NamePluginAudit Name
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Authenticated RootUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Volume is Read OnlyUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Volume is Read OnlyUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Volume is Read OnlyUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Volume is Read OnlyUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Volume is Read OnlyUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Ensure System Volume is Read OnlyUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Volume is Read OnlyUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Ensure System Volume is Read OnlyUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Volume is Read OnlyUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Ensure System Volume is Read OnlyUnixNIST macOS Catalina v1.5.0 - All Profiles
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Enable Authenticated RootUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Ensure System Volume is Read OnlyUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Ensure System Volume is Read OnlyUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Ensure System Volume is Read OnlyUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Ensure System Volume is Read OnlyUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Ensure System Volume is Read OnlyUnixNIST macOS Monterey v1.0.0 - 800-53r4 High