Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system automatically updates malicious code protection mechanisms.
NIST 800-53 (r4) Supplemental Guidance:
Malicious code protection mechanisms include, for example, signature definitions. Due to information system integrity and availability concerns, organizations give careful consideration to the methodology used to carry out automatic updates. Related control: SI-8.
NIST 800-53 (r5) Discussion:
[Withdrawn: Incorporated into SI-3.]
38North Guidance:
Meets Minimum Requirement:
Once deployed, automatically update malicious code protection mechanisms (i.e., antivirus).
Best Practice: Ensure that virus signatures are downloaded and updated on a regular basis and before scans are kicked off.
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Configuration showing antivirus signature schedule.
CSP Implementation Tips: None
Page updated
Report abuse