CCI|CCI-002624

Title

Configure malicious code protection mechanisms to perform real-time scans of files from external sources at endpoint; and/or network entry and exit points as the files are downloaded, opened, or executed in accordance with organizational policy.

Reference Item Details

Category: 2024

Audit Items

Name | Plugin | Audit Name
EX19-MB-000146 - Exchange antimalware agent must be enabled and configured. | Windows | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3
JUSX-IP-000027 - The Juniper Networks SRX Series Gateway IDPS must perform real-time monitoring of files from external sources at network entry/exit points. | Juniper | DISA Juniper SRX Services Gateway IDPS v2r1
WNDF-AV-000004 - Microsoft Defender AV must be configured to run and scan for malware and other potentially unwanted software. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000005 - Microsoft Defender AV must be configured to not exclude files for scanning. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000006 - Microsoft Defender AV must be configured to not exclude files opened by specified processes. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000007 - Microsoft Defender AV must be configured to enable the Automatic Exclusions feature. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000009 - Microsoft Defender AV must be configured to check in real time with MAPS before content is run or accessed. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000012 - Microsoft Defender AV must be configured for protocol recognition for network protection. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000017 - Microsoft Defender AV Group Policy settings must take priority over the local preference settings. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000018 - Microsoft Defender AV must monitor for incoming and outgoing files. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000019 - Microsoft Defender AV must be configured to monitor for file and program activity. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000021 - Microsoft Defender AV must be configured to always enable real-time protection. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000023 - Microsoft Defender AV must be configured to process scanning when real-time protection is enabled. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000024 - Microsoft Defender AV must be configured to scan archive files. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000055 - Microsoft Defender AV must randomize scheduled task times. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000064 - Microsoft Defender AV must enable script scanning. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000065 - Microsoft Defender AV must enable real-time protection and Security Intelligence Updates during OOBE. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000072 - Microsoft Defender AV must scan excluded files and directories during quick scans. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000076 - Microsoft Defender AV must scan packed executables. | Windows | DISA Microsoft Defender Antivirus STIG v2r8
WNDF-AV-000077 - Microsoft Defender AV must enable heuristics. | Windows | DISA Microsoft Defender Antivirus STIG v2r8