SI.L1-3.14.2—Malicious Code Protection
Control Description
Provide protection from malicious code at appropriate locations within organizational information systems.
Cross-Framework Mappings
Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- What is your malware protection policy?
- What malware protection technologies are approved for use?
- Who is responsible for managing anti-malware systems?
- How do you determine appropriate locations for malware protection?
- What is your process for responding to malware detection?
Technical Implementation:
- What anti-malware products are deployed (endpoint, email, network)?
- What technologies provide malware protection at different layers?
- What centralized management consoles control anti-malware?
- What sandboxing or detonation chambers analyze suspicious files?
- What quarantine mechanisms isolate malware?
Evidence & Documentation:
- What patch management reports show timely patching?
- What anti-malware deployment and update reports can you provide?
- What malware scan reports and logs can you show?
- What security monitoring reports demonstrate monitoring is occurring?
- What security alert tracking shows alerts are reviewed and acted upon?
- What incident detection logs demonstrate security monitoring?
- What patch testing procedures can you provide?