SI-3(6)—Malicious Code Protection
PBMM (P2)
Secret (P2)
Operational
>Control Description
MALICIOUS CODE PROTECTION | TESTING / VERIFICATION (a) The organization tests malicious code protection mechanisms ⚙organization-defined frequency by introducing a known benign, non-spreading test case into the information system; and (b) The organization verifies that both detection of the test case and associated incident reporting occur.
>Supplemental Guidance
Related controls: CA-2, CA-7, RA-5.
Ask AI
Configure your API key to use AI features.