$125.00
Description
This is a light duty White List intended for smaller companies that cannot maintain large lists of programs. It will set the only acceptable programs to run from either the \Program Files or \Program File (86) directories. If a program is in another directory, it will block it from running.
It assumes that these two directories are locked in another GPO and cannot be changes by anyone other than a system administrator.
NIST 800-171 / CMMC
3.4.8
The process used to identify software programs that are not authorized to execute on systems is commonly referred to as blacklisting. The process used to identify software programs that are authorized to execute on systems is commonly referred to as whitelisting. Whitelisting is the stronger of the two policies for restricting software program execution. In addition to whitelisting, organizations consider verifying the integrity of whitelisted software programs using, for example, cryptographic checksums, digital signatures, or hash functions. Verification of whitelisted software can occur either prior to execution or at system startup.
