| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1727 - Memory Protection | ||
| Id | 697175a7-9715-4e89-b98b-c6f605888fa3 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Information Integrity control | ||
| Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||
| Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy 697175a7-9715-4e89-b98b-c6f605888fa3 |
||
| Additional metadata |
Name/Id: ACF1727 / Microsoft Managed Control 1727 Category: System and Information Integrity Title: Memory Protection Ownership: Customer, Microsoft Description: The information system implements Windows protections, including No Execute, Address Space Layout Randomization, and Data Execution Prevention to protect its memory from unauthorized code execution. Requirements: Azure uses Windows and Linux operating systems for its services. Both operating systems have protections in place for preventing code execution in restricted memory locations: No Execute (NX), Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP). Additionally, the Security Development Lifecycle (SDL) requires secure coding practices including explicit consideration for safe memory handling requirements. See the following TechNet articles for more information about the protections: * |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|