Reference: CMMC 2.0
Level Introduced: 2
Title: Application Execution Policy
Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permit-by-exception (whitelisting) policy to allow the execution of authorized software.
Organizations should determine their blacklisting or whitelisting policy and configure the system to manage software that is allowed to run. Blacklisting or deny-by-exception allows all software to run except if on an unauthorized software list. Whitelisting or permit-by-exception does not allow any software to run except if on an authorized software list. The stronger policy of the two is whitelisting.
You are in charge of managing the IT infrastructure within your organization. To provide better protection for your company, you have decided to take a whitelist approach. With additional research, you identify a capability within the latest operating system that can control which executables, scripts, libraries, or application installers run in your environment. To ensure success, you begin by authorizing digitally signed executables. Once that is deployed, you plan to evaluate and roll out whitelisting for software libraries and scripts.
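The first phase of the scenario above, as an added example that is not part of the CMMC text: a publisher-based allow policy for executables only, staged in audit mode so that would-be denials can be reviewed before enforcement. It assumes Windows AppLocker (the scenario names no product), an administrative PowerShell session, and placeholder paths for the policy file and a test binary.

```powershell
# Added example (not from the CMMC text). Assumes Windows AppLocker; the
# scenario itself does not name a product. Paths below are placeholders.

# AppLocker evaluates rules only when the Application Identity service runs.
Set-Service -Name AppIDSvc -StartupType Automatic
Start-Service -Name AppIDSvc

# Inventory executables in the standard program directories and keep only the
# digitally signed ones: phase one authorizes signed executables, nothing else.
$dirs = 'C:\Program Files', 'C:\Program Files (x86)', 'C:\Windows'
$signedExe = foreach ($d in $dirs) {
    Get-AppLockerFileInformation -Directory $d -Recurse -FileType Exe |
        Where-Object { $_.Publisher }   # unsigned binaries have no Publisher
}

# Publisher rules allow by signer/product rather than by hash, so routine
# patches keep running. -Optimize merges rules that share a publisher.
$policyXml = New-AppLockerPolicy -FileInformation $signedExe -RuleType Publisher `
    -RuleNamePrefix 'SignedExe' -User 'Everyone' -Optimize -Xml

# Once any rule exists in an enforced collection, everything not matched is
# denied (permit-by-exception). Start in AuditOnly so nothing is blocked yet;
# only the Exe collection is configured, leaving Script, Dll and Msi for later.
$policy = [xml]$policyXml
foreach ($rc in $policy.AppLockerPolicy.RuleCollection) {
    if ($rc.Type -eq 'Exe') { $rc.EnforcementMode = 'AuditOnly' }
}
$policyPath = 'C:\Policies\AppLocker-Exe-Audit.xml'   # placeholder path
$policy.Save($policyPath)

# Check the policy offline against a file that should NOT be allowed;
# the PolicyDecision column should read Denied for an unsigned binary.
Test-AppLockerPolicy -XmlPolicy $policyPath -Path 'C:\Tools\unsigned-helper.exe' -User 'Everyone'

# Apply locally, merging with any rules already present. Use -Ldap instead
# of a local apply to push the same XML into a Group Policy object.
Set-AppLockerPolicy -XmlPolicy $policyPath -Merge

# During the audit period, Event ID 8003 records executables that ran but
# would have been blocked. Review these before changing EnforcementMode to
# 'Enabled', then repeat the process for the Dll and Script collections.
Get-WinEvent -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' -MaxEvents 50 |
    Where-Object { $_.Id -eq 8003 } |
    Select-Object TimeCreated, Message
```

Keep the Windows and Program Files directories covered by allow rules before enforcing; an Exe collection with no rule for system binaries will prevent the machine from booting into a usable session.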