Detections
Analytics

CSCv7|8.1

Title

Utilize Centrally Managed Anti-malware Software

Description

Utilize centrally managed anti-malware software to continuously monitor and defend each of the organization's workstations and servers.

Reference Item Details

Category: Malware Defenses

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.11 Ensure anti-virus is installed and runningUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.11 Ensure anti-virus is installed and runningUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.12 Ensure host-based intrusion detection tool is usedUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.12 Ensure host-based intrusion detection tool is used - mcafeetp packageUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.12 Ensure host-based intrusion detection tool is used - mfetpd processUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
18.10.42.7.1 (L1) Ensure 'Enable file hash computation feature' is set to 'Enabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.42.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.42.10.2 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.42.10.3 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.42.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.42.13.3 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.42.17 (L1) Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 v4.0.0 L1 DC
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 v4.0.0 L1 MS
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2022 v4.0.0 L1 MS
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2025 v1.0.0 L1 DC
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Stand-alone v4.0.0 L1
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2025 v1.0.0 L1 MS
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2022 v4.0.0 L1 DC
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v4.0.0 L1
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 v4.0.0 L1 DC
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG
18.10.43.10.1 (L1) Ensure 'Configure real-time protection and Security Intelligence Updates during OOBE' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 v4.0.0 L1 MS
18.10.43.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 MS L1 v3.0.0
18.10.43.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v3.0.0
18.10.43.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 DC L1 v3.0.0
18.10.43.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v3.0.0
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 v4.0.0 L1 DC
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 v4.0.0 L1 DC
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 v4.0.0 L1 MS
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 v4.0.0 L1 MS
18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Stand-alone v4.0.0 L1