| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1220 - Least Functionality | Authorized Software / Whitelisting | ||
| Id | c40f31a7-81e1-4130-99e5-a02ceea2a1d6 | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Configuration Management control | ||
| Additional metadata |
Name/Id: ACF1220 / Microsoft Managed Control 1220 Category: Configuration Management Title: Least Functionality | Authorized Software / Whitelisting - Policy Ownership: Customer, Microsoft Description: The organization: Employs a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the information system; and Requirements: Azure employs a deny-by-default, permit-by-exception software policy. Any changes to baselines or configuration scripts must be reviewed and approved by the appropriate change review committee. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|