| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1215 - Least Functionality | ||
| Id | 88fc93e8-4745-4785-b5a5-b44bb92c44ff | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Configuration Management control | ||
| Additional metadata |
Name/Id: ACF1215 / Microsoft Managed Control 1215 Category: Configuration Management Title: Least Functionality - Restricted Capabilities Ownership: Customer, Microsoft Description: The organization: Prohibits or restricts the use of the following functions, ports, protocols, and/or services: Functions, ports, protocols, and/or services identified as prohibited or restricted in the United States Government Configuration Baseline (USGCB). Requirements: USGCB guidance, CIS Benchmarks, and DISA STIGs are taken into consideration during the development of operating system images. These images include essential functions, ports, protocols, and services. All other functions, ports, protocols, and services are disabled by default. Service teams must go through an approval process to have a port opened, or a function, protocol, or service enabled. For network devices, the Azure Networking Standards and Architecture team sets the configuration baseline standards for all network devices, using recommended configurations specific to each hardware vendor, and makes updates periodically based upon recommendations from the vendor. These configuration baselines include essential functions, ports, protocols, and services. All other functions, ports, protocols, and services are disabled by default. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|