SC-34 (1) Non-Modifiable Executable Programs | No Writable Storage
The organization employs [Assignment: organization-defined information system components] with no writeable storage that is persistent across component restart or power on/off.
Applicable CNSSI 1253 Baselines
Confidentiality
- L
- M
- H
Integrity
- L
- M
- H
Availability
- L
- M
- H
Supplemental Guidance
This control enhancement: (i) eliminates the possibility of malicious code insertion via persistent, writeable storage within the designated information system components; and (ii) applies to both fixed and removable storage, with the latter being addressed directly or as specific restrictions imposed through access controls for mobile devices.