Information
A common tactic of malware is to identify the type of malicious code protection software
running on the system and deactivate it. Malicious code includes viruses, worms, Trojan
horses, and Spyware.
Rationale:
Malicious code protection software must be protected to prevent a non-privileged user or
malicious piece of software from disabling the protection mechanism.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Navigate to Central Administration.
1. Click Security, and then click Define blocked file types.
2. To change the web application, click the link next to Web Application: and then click Change Web Application.
3. In the Select Web Application dialog, click an app.
4. On the Blocked File Types page to add a file to block, type a file extension (with the period), one per line.
5. Add all file types listed in the enterprise blacklist.
6. Repeat check for each web application.