CSCv7|8.2

Title

Ensure Anti-Malware Software and Signatures are Updated

Description

Ensure that the organization's anti-malware software updates its scanning engine and signature database on a regular basis.

Reference Item Details

Category: Malware Defenses

Audit Items

View all Reference Audit Items

NamePluginAudit Name
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
18.4.8 Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
18.4.9 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.4.9 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.8.14.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.8.14.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.9.45.3.1 Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.45.3.1 Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.8.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.8.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.45.11.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.45.11.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.77.3.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.77.3.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.77.3.1 Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.9.77.3.1 Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.9.77.7.1 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.77.7.1 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.9.77.10.2 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.77.10.2 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.77.10.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.9.77.10.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.9.77.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.77.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0