1.11 Ensure anti-virus is installed and running

Information

The operating system must have virus scanning software installed.

Virus scanning software can be used to protect a system from penetration from computer viruses and to limit their spread through intermediate systems.

The virus scanning software should be configured to perform scans dynamically on accessed files. If this capability is not available, the system must be configured to scan, at a minimum, all altered files on the system on a daily basis.

If the system processes inbound SMTP mail, the virus scanner must be configured to scan all received mail.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Install an antivirus solution on the system.

Document which solution is installed on the system with the ISSO.

See Also

https://workbench.cisecurity.org/benchmarks/8415

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3, CSCv7|8.1

Plugin: Unix

Control ID: b9ac14ccfd84f15a99123006dbebcdbfeafa7bb59f1897289df50f6c66d19888