Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization centrally manages malicious code protection mechanisms.
NIST 800-53 (r4) Supplemental Guidance:
Central management is the organization-wide management and implementation of malicious code protection mechanisms. Central management includes planning, implementing, assessing, authorizing, and monitoring the organization-defined, centrally managed flaw malicious code protection security controls. Related controls: AU-2, SI-8.
NIST 800-53 (r5) Discussion:
[Withdrawn: Incorporated into PL-9.]
38North Guidance:
Meets Minimum Requirement:
Utilize some mechanism (e.g., antivirus management console) to plan, implement, assess, authorize, and monitor antivirus mechanisms.
Best Practice: None
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Configuration showing antivirus scan settings and associated antivirus alerts. Most major antivirus scan vendors provide a dashboard that can be utilized to produced artifacts showing these settings and alerts.
CSP Implementation Tips: None
Page updated
Report abuse