| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1218 - Least Functionality | Prevent Program Execution | ||
| Id | 4a1d0394-b9f5-493e-9e83-563fd0ac4df8 | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Configuration Management control | ||
| Additional metadata |
Name/Id: ACF1218 / Microsoft Managed Control 1218 Category: Configuration Management Title: Least Functionality | Prevent Program Execution Ownership: Customer, Microsoft Description: The organization: The information system prevents program execution in accordance with the SDL process. Requirements: Installed software is monitored using Azure Security Monitoring (ASM) and SCUBA. If unauthorized software installation is detected, the Security Response Team responds. Azure System Lockdown (AzSysLock) is a process in place to protect all Azure production assets from malicious code by ensuring only digitally signed and pre-authorized executables and scripts can run. Azure has implemented the capability needed to meet the requirement of preventing program execution. At this time, the ASM and SCUBA tools monitor assets for the software that has been installed but do not require preventing any unauthorized software from being installed. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|