>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SC-18(1)Mobile Code | Identify Unacceptable Code and Take Corrective Actions

IL5
IL6

>Control Description

Identify organization-defined unacceptable mobile code and take organization-defined corrective actions.

>DoD Impact Level Requirements

No specific parameter values or requirements for this impact level.

>Discussion

Corrective actions when unacceptable mobile code is detected include blocking, quarantine, or alerting administrators. Blocking includes preventing the transmission of word processing files with embedded macros when such macros have been determined to be unacceptable mobile code.

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies govern the implementation of identify unacceptable code and take corrective actions?
  • How are system and communications protection requirements defined and maintained?
  • Who is responsible for configuring and maintaining the security controls specified in SC-18(1)?

Technical Implementation:

  • How is identify unacceptable code and take corrective actions technically implemented in your environment?
  • What systems, tools, or configurations enforce this protection requirement?
  • How do you ensure that identify unacceptable code and take corrective actions remains effective as the system evolves?

Evidence & Documentation:

  • What documentation demonstrates the implementation of SC-18(1)?
  • Can you provide configuration evidence or system diagrams showing this protection control?
  • What logs or monitoring data verify that this control is functioning correctly?

Ask AI

Configure your API key to use AI features.