| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1727 - Memory Protection | ||
| Id | 697175a7-9715-4e89-b98b-c6f605888fa3 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Information Integrity control | ||
| Additional metadata |
Name/Id: ACF1727 / Microsoft Managed Control 1727 Category: System and Information Integrity Title: Memory Protection Ownership: Customer, Microsoft Description: The information system implements Windows protections, including No Execute, Address Space Layout Randomization, and Data Execution Prevention to protect its memory from unauthorized code execution. Requirements: Azure uses Windows and Linux operating systems for its services. Both operating systems have protections in place for preventing code execution in restricted memory locations: No Execute (NX), Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP). Additionally, the Security Development Lifecycle (SDL) requires secure coding practices including explicit consideration for safe memory handling requirements. See the following TechNet articles for more information about the protections: * |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|