From fecadf7c3bb9cb1848a3b10bc872b5b4e528d9ea Mon Sep 17 00:00:00 2001 From: Elar Lang Date: Mon, 25 Oct 2021 12:34:50 +0300 Subject: [PATCH] update 14.2.2 description (#880) --- 4.0/en/0x22-V14-Config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/4.0/en/0x22-V14-Config.md b/4.0/en/0x22-V14-Config.md index 202dfefd8b..b0c9e67e88 100644 --- a/4.0/en/0x22-V14-Config.md +++ b/4.0/en/0x22-V14-Config.md @@ -36,7 +36,7 @@ Note: At Level 1, 14.2.1 compliance relates to observations or detections of cli | # | Description | L1 | L2 | L3 | CWE | | :---: | :--- | :---: | :---:| :---: | :---: | | **14.2.1** | Verify that all components are up to date, preferably using a dependency checker during build or compile time. ([C2](https://owasp.org/www-project-proactive-controls/#div-numbering)) | ✓ | ✓ | ✓ | 1026 | -| **14.2.2** | Verify that all unneeded features, documentation, samples, configurations are removed, such as sample applications, platform documentation, and default or example users. | ✓ | ✓ | ✓ | 1002 | +| **14.2.2** | Verify that all unneeded features, documentation, sample applications and configurations are removed. | ✓ | ✓ | ✓ | 1002 | | **14.2.3** | Verify that if application assets, such as JavaScript libraries, CSS or web fonts, are hosted externally on a Content Delivery Network (CDN) or external provider, Subresource Integrity (SRI) is used to validate the integrity of the asset. | ✓ | ✓ | ✓ | 829 | | **14.2.4** | Verify that third party components come from pre-defined, trusted and continually maintained repositories. ([C2](https://owasp.org/www-project-proactive-controls/#div-numbering)) | | ✓ | ✓ | 829 | | **14.2.5** | Verify that an inventory catalog is maintained of all third party libraries in use. ([C2](https://owasp.org/www-project-proactive-controls/#div-numbering)) | | ✓ | ✓ | |