Title: Applications must, for organization defined information system components, load and execute the operating environment from hardware-enforced, read-only media.
Vulnerability ID: V-32545
IA Controls: None
Description: Organizations may require the information system to load the operating environment from hardware enforced read-only media. The term operating environment is defined as the code upon which applications are hosted, for example, a monitor, executive, operating system, or application running directly on the hardware platform.
Hardware-enforced, read-only media include CD-R/DVD-R disk drives. Use of non-modifiable storage ensures the integrity of the software program from the point of creation of the read-only image.
This requirement is specific to applications running directly on the hardware platform. This requirement is NA for databases.
Check Text: This check is NA for databases.
Fix Text: This fix is NA for databases.[divider]