
SI-3 Malicious Code Protection

Control Description

a. Implement [Selection (one or more): signature based; non-signature based] malicious code protection mechanisms at system entry and exit points to detect and eradicate malicious code;

b. Automatically update malicious code protection mechanisms as new releases are available in accordance with organizational configuration management policy and procedures;

c. Configure malicious code protection mechanisms to:

   1. Perform periodic scans of the system [Assignment: organization-defined frequency] and real-time scans of files from external sources at [Selection (one or more): endpoint; network entry and exit points] as the files are downloaded, opened, or executed in accordance with organizational policy; and

   2. [Selection (one or more): block malicious code; quarantine malicious code; take organization-defined action]; and send alert to organization-defined personnel or roles in response to malicious code detection; and

d. Address the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the system.

Related Controls
