NIST 800-171 · 3.4 Configuration Management
3.4.2 Establish and enforce security configuration settings
Establish and enforce security configuration settings for IT products in the system.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- CIS Controls v8EquivalentCurated4.1 Establish and maintain a secure configuration process
Secure configuration & hardening
- Cyber EssentialsEquivalentCuratedCE-2 Secure configuration
Secure configuration & hardening
- Cyber EssentialsPartialCuratedCE-1 Firewalls
Secure configuration & hardening
- Essential EightPartialCuratedE8-5 Application control
Secure configuration & hardening
- Essential EightPartialCuratedE8-6 Restrict Microsoft Office macros
Secure configuration & hardening
- Essential EightPartialCuratedE8-7 User application hardening
Secure configuration & hardening
- ISO 27001EquivalentCuratedA.8.9 Configuration management
Secure configuration & hardening
- NIST 800-53EquivalentCuratedCM-6 Configuration settings
Secure configuration & hardening
- NIST CSF 2.0EquivalentCuratedPR.PS-01 Configuration management practices established
Secure configuration & hardening
- PCI DSSEquivalentCuratedReq. 2 Apply secure configurations to all system components
Secure configuration & hardening