CSCv7|8.1

Title

Utilize Centrally Managed Anti-malware Software

Description

Utilize centrally managed anti-malware software to continuously monitor and defend each of the organization's workstations and servers.

Reference Item Details

Category: Malware Defenses

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.9 Ensure anti-virus is installed and runningUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.11 Ensure anti-virus is installed and runningUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm packageUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm processUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.12 Ensure host-based intrusion detection tool is used - mcafeetp packageUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.12 Ensure host-based intrusion detection tool is used - mfetpd processUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L1
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2019 MS L1 v2.0.0
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2019 DC L1 v2.0.0
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2016 MS L1 v2.0.0
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L1 MS
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L1
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L1 DC
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2016 DC L1 v2.0.0
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL
18.10.43.10.1 Ensure 'Scan all downloaded files and attachments' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL + NG
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L1
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2019 MS L1 v2.0.0
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L1 DC
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2019 DC L1 v2.0.0
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L1 MS
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L1
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2016 DC L1 v2.0.0
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2016 MS L1 v2.0.0
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL
18.10.43.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL + NG
18.10.43.10.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
18.10.43.10.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1
18.10.43.10.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
18.10.43.10.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
18.10.43.10.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
18.10.43.10.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG