Skip to main content

💼 SI-3 MALICIOUS CODE PROTECTION

  • ID: /frameworks/nist-sp-800-53-r4/si/03

Stats​

not available

Description​

The organization: SI-3a. Employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code; SI-3b. Updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures; SI-3c. Configures malicious code protection mechanisms to: SI-3c.1. Perform periodic scans of the information system [Assignment: organization-defined frequency] and real-time scans of files from external sources at [Selection (one or more); endpoint; network entry/exit points] as the files are downloaded, opened, or executed in accordance with organizational security policy; and SI-3c.2. [Selection (one or more): block malicious code; quarantine malicious code; send alert to administrator; [Assignment: organization-defined action]] in response to malicious code detection; and SI-3d. Addresses the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the information system.

Similar​

  • Internal
    • ID: dec-c-2d7df392

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST CSF v1.1 → 💼 DE.CM-4: Malicious code is detected77no data
💼 NIST CSF v1.1 → 💼 DE.DP-3: Detection processes are tested1314no data

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 SI-3 (1) CENTRAL MANAGEMENTno data
💼 SI-3 (2) AUTOMATIC UPDATESno data
💼 SI-3 (3) NON-PRIVILEGED USERSno data
💼 SI-3 (4) UPDATES ONLY BY PRIVILEGED USERSno data
💼 SI-3 (5) PORTABLE STORAGE DEVICESno data
💼 SI-3 (6) TESTING _ VERIFICATIONno data
💼 SI-3 (7) NONSIGNATURE-BASED DETECTIONno data
💼 SI-3 (8) DETECT UNAUTHORIZED COMMANDSno data
💼 SI-3 (9) AUTHENTICATE REMOTE COMMANDSno data
💼 SI-3 (10) MALICIOUS CODE ANALYSISno data