800-53|SI-3c.1.

Title

MALICIOUS CODE PROTECTION

Description

Perform periodic scans of the information system [Assignment: organization-defined frequency] and real-time scans of files from external sources at [Selection (one or more); endpoint; network entry/exit points] as the files are downloaded, opened, or executed in accordance with organizational security policy; and

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2 Set 'Prevent Bypassing SmartScreen Filter Warnings' to 'Enabled'WindowsCIS IE 9 v1.0.0
1.4.7.5 Ensure' Scan Encrypted Macros in Excel Open XML Workbooks' is set to Enable (Scan encrypted macros (default))WindowsCIS Microsoft Office Excel 2016 v1.0.1
1.4.7.5 Ensure' Scan Encrypted Macros in Excel Open XML Workbooks' is set to Enable (Scan encrypted macros (default))WindowsCIS Microsoft Office Excel 2013 v1.0.1
1.6.6.4 Ensure 'Scan Encrypted Macros in PowerPoint Open XML Presentations' is set to Enabled (Scan Encrypted Macros)WindowsCIS Microsoft Office PowerPoint 2013 v1.0.1
1.6.6.4 Ensure 'Scan Encrypted Macros in PowerPoint Open XML Presentations' is set to Enabled (Scan Encrypted Macros)WindowsCIS Microsoft Office PowerPoint 2016 v1.0.1
1.8.7.2.4 Ensure 'Scan Encrypted Macros in Word Open XML Documents' to EnabledWindowsCIS Microsoft Office Word 2016 v1.1.0
1.8.7.2.4 Ensure 'Scan Encrypted Macros in Word Open XML Documents' to EnabledWindowsCIS Microsoft Office Word 2013 v1.1.0
2.25.4 Ensure 'Suppress Hyperlink Warnings' is set to DisabledWindowsCIS Microsoft Office 2016 v1.1.0
4.4 Set OCSP Use PolicyWindowsCIS Mozilla Firefox 38 ESR Windows L2 v1.0.0
4.4 Set OCSP Use PolicyUnixCIS Mozilla Firefox 38 ESR Linux L2 v1.0.0
5.1.23 Set 'Suppress hyperlink warnings' to 'Disabled'WindowsCIS MS Office Outlook 2010 v1.0.0
8.1 Enable Virus Scanning for DownloadsUnixCIS Mozilla Firefox 38 ESR Linux L1 v1.0.0
8.3.25 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 11 v1.0.0
8.3.25 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 10 v1.1.0
8.3.30 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 9 v1.0.0
8.4.1 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 9 v1.0.0
8.4.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 10 v1.1.0
8.4.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 11 v1.0.0
8.5.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 9 v1.0.0
8.6.1 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 11 v1.0.0
8.6.1 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 9 v1.0.0
8.6.1 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 10 v1.1.0
8.7.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 9 v1.0.0
8.7.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 11 v1.0.0
8.7.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 10 v1.1.0
8.8.1 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 9 v1.0.0
8.8.3 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 11 v1.0.0
8.8.3 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 10 v1.1.0
8.9.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 11 v1.0.0
8.9.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 10 v1.1.0
8.10.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 11 v1.0.0
8.10.2 Set 'Use SmartScreen Filter' to 'Enabled:Enable'WindowsCIS IE 10 v1.1.0
18.9.47.9.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.4.0
18.9.47.9.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.4.0
18.9.47.9.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Windows Server 2012 MS L1 v2.4.0
18.9.47.9.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Windows Server 2012 DC L1 v2.4.0
18.9.47.9.4 Ensure 'Turn on script scanning' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.4.0
18.9.47.9.4 Ensure 'Turn on script scanning' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.4.0
18.9.47.9.4 Ensure 'Turn on script scanning' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.4.0
18.9.47.9.4 Ensure 'Turn on script scanning' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.4.0
DTAM001 - McAfee VirusScan On-Access General Policies must be configured to enable on-access scanning at system startup.WindowsDISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM001 - McAfee VirusScan On-Access Scanner General Settings must be configured to enable on-access scanning at system startup.WindowsDISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM002 - McAfee VirusScan On-Access General Policies must be configured to scan boot sectors.WindowsDISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM002 - McAfee VirusScan On-Access Scanner General Settings must be configured to scan boot sectors.WindowsDISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM003 - McAfee VirusScan On-Access General Policies must be configured to scan floppy during shutdown.WindowsDISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM003 - McAfee VirusScan On-Access Scanner General Settings must be configured to scan floppy during shutdown.WindowsDISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM005 - McAfee VirusScan On-Access General Policies must be configured to prevent users from removing messages from the list.WindowsDISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM005 - McAfee VirusScan On-Access Scanner General Settings must be configured to prevent users from removing messages from the list.WindowsDISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM009 - McAfee VirusScan On-Access General Policies must be configured to log the scan sessions.WindowsDISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM009 - McAfee VirusScan On-Access Scanner General Settings must be configured to log the scan sessions.WindowsDISA McAfee VirusScan 8.8 Local Client STIG v6r1