PR.PS-05:

Installation and execution of unauthorized software are prevented

When risk warrants it, restrict software execution to permitted products only or deny the execution of prohibited and unauthorized software

Verify the source of new software and the software's integrity before installing it

Configure platforms to use only approved DNS services that block access to known malicious domains

Configure platforms to allow the installation of organization-approved software only