CSCv7|8.1

Title

Utilize Centrally Managed Anti-malware Software

Description

Utilize centrally managed anti-malware software to continuously monitor and defend each of the organization's workstations and servers.

Reference Item Details

Category: Malware Defenses

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.9 Ensure anti-virus is installed and runningUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.11 Ensure anti-virus is installed and runningUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm packageUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm processUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.11.1 Ensure 'Configure Microsoft Defender SmartScreen' is set to 'Enabled'WindowsCIS Microsoft Edge L1 v1.0.1
1.11.2 Ensure 'Configure Microsoft Defender SmartScreen to block potentially unwanted apps' is set to 'Enabled'WindowsCIS Microsoft Edge L1 v1.0.1
1.11.3 Ensure 'Force Microsoft Defender SmartScreen checks on downloads from trusted sources' is set to 'Enabled'WindowsCIS Microsoft Edge L1 v1.0.1
1.11.4 Ensure 'Prevent bypassing Microsoft Defender SmartScreen prompts for sites' is set to 'Enabled'WindowsCIS Microsoft Edge L1 v1.0.1
1.11.5 Ensure 'Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads' is set to 'Enabled'WindowsCIS Microsoft Edge L1 v1.0.1
1.12 Ensure host-based intrusion detection tool is used - mcafeetp packageUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.12 Ensure host-based intrusion detection tool is used - mfetpd processUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 DC L1 v2.5.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 DC L1 v1.3.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 MS
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 DC
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 MS L1 v2.5.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 MS L1 v1.3.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
18.4.9 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.4.9 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + NG
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + NG
18.4.9 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1
18.8.14.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.8.14.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.9.45.11.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
18.9.45.11.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL + NG
18.9.45.11.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + NG
18.9.45.11.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
18.9.45.11.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0