800-53|SC-18(1)

Title

IDENTIFY UNACCEPTABLE CODE / TAKE CORRECTIVE ACTIONS

Description

The information system identifies [Assignment: organization-defined unacceptable mobile code] and takes [Assignment: organization-defined corrective actions].

Supplemental

Corrective actions when unacceptable mobile code is detected include, for example, blocking, quarantine, or alerting administrators. Blocking includes, for example, preventing transmission of word processing files with embedded macros when such macros have been defined to be unacceptable mobile code.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: MOBILE CODE

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.6 Set 'Select SmartScreen Filter mode for Internet Explorer 9' to 'Enabled:On'	Windows	CIS IE 9 v1.0.0
2.2.4.7.2.1.1 Ensure 'Always prevent untrusted Microsoft Query files from opening' is set to 'Enabled'	Windows	CIS Microsoft Office Enterprise v1.1.0 L1
2.2.4.7.2.1.2 Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled'	Windows	CIS Microsoft Office Enterprise v1.1.0 L1
2.2.4.7.2.1.3 Ensure 'Don't allow Dynamic Data Exchange (DDE) server lookup in Excel' is set to 'Enabled'	Windows	CIS Microsoft Office Enterprise v1.1.0 L1
2.2.4.7.2.3.1 Ensure 'Always open untrusted database files in Protected View' is set to 'Enabled'	Windows	CIS Microsoft Office Enterprise v1.1.0 L1
7.3 Set 'Mime Sniffing Safety Feature' to 'Enabled'	Windows	CIS IE 11 v1.0.0
7.3 Set 'Mime Sniffing Safety Feature' to 'Enabled'	Windows	CIS IE 10 v1.1.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - (Reserved)	Windows	CIS IE 9 v1.0.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - explorer.exe	Windows	CIS IE 9 v1.0.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - iexplore.exe	Windows	CIS IE 9 v1.0.0
7.6 Set 'Consistent Mime Handling' to 'Enabled'	Windows	CIS IE 10 v1.1.0
7.6 Set 'Consistent Mime Handling' to 'Enabled'	Windows	CIS IE 11 v1.0.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - (Reserved)	Windows	CIS IE 9 v1.0.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - explorer.exe	Windows	CIS IE 9 v1.0.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - iexplore.exe	Windows	CIS IE 9 v1.0.0
8.1.34 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'	Windows	CIS IE 11 v1.0.0
8.2.4 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'	Windows	CIS IE 11 v1.0.0
8.3.42 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'	Windows	CIS IE 11 v1.0.0
8.4.3 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'	Windows	CIS IE 11 v1.0.0
8.5.3 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'	Windows	CIS IE 11 v1.0.0
ARDC-CL-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000010 - Adobe Reader DC must enable Enhanced Security in a Browser.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000015 - Adobe Reader DC must enable Protected Mode.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000020 - Adobe Reader DC must enable Protected View.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000025 - Adobe Reader DC must Block Websites.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000030 - Adobe Reader DC must block access to Unknown Websites.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000045 - Adobe Reader DC must block Flash Content.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000010 - Adobe Reader DC must enable Enhanced Security in a Browser.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000015 - Adobe Reader DC must enable Protected Mode.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000020 - Adobe Reader DC must enable Protected View.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000025 - Adobe Reader DC must Block Websites.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000030 - Adobe Reader DC must block access to Unknown Websites.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000045 - Adobe Reader DC must block Flash Content.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1
DTAM004 - McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur.	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM004 - McAfee VirusScan On-Access Scanner General Settings must be configured to notify local users when detections occur.	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM022 - McAfee VirusScan On-Delivery Email Scan Policies must be configured to find unknown program threats and Trojans.	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM022 - McAfee VirusScan On-Delivery Email Scanner must be configured to find unknown program threats and trojans.	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM023 - McAfee VirusScan On Delivery Email Scan Policies must be configured to find unknown macro threats.	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM023 - McAfee VirusScan On Delivery Email Scanner Properties must be configured to find unknown macro threats.	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTBC-0002 - Site tracking users location must be disabled.	Windows	DISA STIG Google Chrome v2r9
DTBC-0038 - Safe Browsing must be enabled.	Windows	DISA STIG Google Chrome v2r9
DTBC-0057 - Safe Browsing Extended Reporting must be disabled.	Windows	DISA STIG Google Chrome v2r9
DTBC-0066 - Anonymized data collection must be disabled.	Windows	DISA STIG Google Chrome v2r9

Detections

Analytics