Description
[Assignment: organization-defined parameters] disable or remove [Assignment: organization-defined parameters] on the following systems or system components: [Assignment: organization-defined parameters].
Supplemental Guidance
Connection ports include Universal Serial Bus (USB), Thunderbolt, and Firewire (IEEE 1394). Input/output (I/O) devices include compact disc and digital versatile disc drives. Disabling or removing such connection ports and I/O devices helps prevent the exfiltration of information from systems and the introduction of malicious code from those ports or devices. Physically disabling or removing ports and/or devices is the stronger action.
Changes from Rev 4
No significant title changes from Rev 4.
MITRE ATT&CK Techniques (5)
ATT&CK v16.1. Techniques mitigated by this control, mapped via CTID.
Initial Access (2), Lateral Movement (1), Collection (1), Exfiltration (2)
Compliance Mappings
ISO 27002:2022
8.1
COBIT 2019
DSS05
MAS TRM
11
BSI IT-Grundschutz
NET.3.1
OSFI B-13
B-13.3.2
BIO2
8.1
RBI CSF
Annex1.4
HKMA TM-E-1
TME1.11.1, TME1.11.3
EU CRA
CRA.I.2j
SAMA CSF
3.3
CBB TM
TM-8
CBUAE
CR-7
CBE CSF
CTO-6, CTO-7
SA JS2
JS2-7.2, JS2-8.4
CBN CSF
Part3.3
BoG CISD
CISD-VI
SEBI CSCRF
PR.ES
BOT Cyber Resilience
Ch2.6