NIST 800-171 R-3.4.6
Employ Least Functionality
Official citation: 3.4.6
Class: core · Severity: high
Statement of the obligation — verify against source
3.4.6
What it means
Configure systems to provide only the capabilities essential to your mission, and turn off the rest. Default functions and services you don't need add risk, so where feasible limit each component to a single function and disable unused physical and logical ports and protocols. Use scanning tools, intrusion detection and prevention, and host firewalls to find and block prohibited functions, ports, protocols, and services.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.