Details
Disable all system components that are not needed to support the application or service running on the VM. VMs often don’t require as many functions as ordinary physical servers, so when virtualizing, you should evaluate whether a particular function is truly needed.
Rationale:
By disabling unnecessary system components, you reduce the number of potential attack vectors, which reduces the likelihood of compromise.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
To disable unneeded functions, perform whichever of the following steps are applicable:
Disable unused services in the operating system.
Disconnect unused physical devices, such as CD/DVD drives, floppy drives, and USB adaptors.
Turn off any screen savers.
If using a Linux, BSD, or Solaris guest operating system, do not run the X Windows system unless it is necessary.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.