💼 SI-3 MALICIOUS CODE PROTECTION

• Contextual name: 💼 SI-3 MALICIOUS CODE PROTECTION
• ID: /frameworks/nist-sp-800-53-r4/si/03
• Located in: 💼 SI SYSTEM AND INFORMATION INTEGRITY

Description

The organization: SI-3a. Employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code; SI-3b. Updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures; SI-3c. Configures malicious code protection mechanisms to: SI-3c.1. Perform periodic scans of the information system [Assignment: organization-defined frequency] and real-time scans of files from external sources at [Selection (one or more); endpoint; network entry/exit points] as the files are downloaded, opened, or executed in accordance with organizational security policy; and SI-3c.2. [Selection (one or more): block malicious code; quarantine malicious code; send alert to administrator; [Assignment: organization-defined action]] in response to malicious code detection; and SI-3d. Addresses the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the information system.

Similar

• Internal
  • ID: dec-c-2d7df392

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 DE.CM-4: Malicious code is detected		7	7
💼 NIST CSF v1.1 → 💼 DE.DP-3: Detection processes are tested		13	13

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 SI-3 (1) CENTRAL MANAGEMENT
💼 SI-3 (2) AUTOMATIC UPDATES
💼 SI-3 (3) NON-PRIVILEGED USERS
💼 SI-3 (4) UPDATES ONLY BY PRIVILEGED USERS
💼 SI-3 (5) PORTABLE STORAGE DEVICES
💼 SI-3 (6) TESTING _ VERIFICATION
💼 SI-3 (7) NONSIGNATURE-BASED DETECTION
💼 SI-3 (8) DETECT UNAUTHORIZED COMMANDS
💼 SI-3 (9) AUTHENTICATE REMOTE COMMANDS
💼 SI-3 (10) MALICIOUS CODE ANALYSIS