NIST 800-53 Rev 5

424 controls available

SI-16moderatehigh

Memory Protection

System and Information Integrity

Control Statement

Implement the following controls to protect the system memory from unauthorized code execution: {{ insert: param, si-16_odp }}.

Discussion

Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Controls employed to protect memory include data execution prevention and address space layout randomization. Data execution prevention controls can either be hardware-enforced or software-enforced with hardware enforcement providing the greater strength of mechanism.

Framework
NIST SP 800-53 Rev 5
Family
System and Information Integrity
Baselines
moderate, high

Related Frameworks

2 paths across 1 framework
CCI2 mappings
CCI-002823
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002824
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

71 STIGs reach this control through 2 CCIs. Expand a row to see the responsible NICE and O*NET roles.

Operating System - Desktop

3 STIGs

Operating System - Server

34 STIGs
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-174 of 448 findings match
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-192 of 103 findings match
Show 26 more STIGs in this category →
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-132 of 375 findings match

Operating System - Mainframe

2 STIGs
Mainframe Product Security Requirements Guide
32024-12-051 of 193 findings match
Mainframe Product Security Requirements Guide
V3R42025-09-101 of 194 findings match

Network Device

1 STIG

Web / Application Server

2 STIGs

Virtualization / Container

10 STIGs

Uncategorized

19 STIGs
Oracle Linux 9 Security Technical Implementation Guide
V1R62026-05-144 of 448 findings match
Oracle Linux 8 Security Technical Implementation Guide
V2R92026-05-142 of 376 findings match
Show 11 more STIGs in this category →
Virtual Machine Manager Security Requirements Guide
V2R42026-06-292 of 198 findings match
Mainframe Product Security Requirements Guide
V3R52026-05-231 of 194 findings match