800-53|SC-18(1)

Title

IDENTIFY UNACCEPTABLE CODE / TAKE CORRECTIVE ACTIONS

Description

The information system identifies [Assignment: organization-defined unacceptable mobile code] and takes [Assignment: organization-defined corrective actions].

Supplemental

Corrective actions when unacceptable mobile code is detected include, for example, blocking, quarantine, or alerting administrators. Blocking includes, for example, preventing transmission of word processing files with embedded macros when such macros have been defined to be unacceptable mobile code.

Reference Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: MOBILE CODE

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

Name | Plugin | Audit Name
1.6 Set 'Select SmartScreen Filter mode for Internet Explorer 9' to 'Enabled:On' | Windows | CIS IE 9 v1.0.0
2.2.4.7.2.1.1 Ensure 'Always prevent untrusted Microsoft Query files from opening' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.1.2 Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.1.3 Ensure 'Don't allow Dynamic Data Exchange (DDE) server lookup in Excel' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.3.1 Ensure 'Always open untrusted database files in Protected View' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.2.0 L1
7.3 Set 'Mime Sniffing Safety Feature' to 'Enabled' | Windows | CIS IE 11 v1.0.0
7.3 Set 'Mime Sniffing Safety Feature' to 'Enabled' | Windows | CIS IE 10 v1.1.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - (Reserved) | Windows | CIS IE 9 v1.0.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - explorer.exe | Windows | CIS IE 9 v1.0.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - iexplore.exe | Windows | CIS IE 9 v1.0.0
7.6 Set 'Consistent Mime Handling' to 'Enabled' | Windows | CIS IE 11 v1.0.0
7.6 Set 'Consistent Mime Handling' to 'Enabled' | Windows | CIS IE 10 v1.1.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - (Reserved) | Windows | CIS IE 9 v1.0.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - explorer.exe | Windows | CIS IE 9 v1.0.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - iexplore.exe | Windows | CIS IE 9 v1.0.0
8.1.34 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled' | Windows | CIS IE 11 v1.0.0
8.2.4 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled' | Windows | CIS IE 11 v1.0.0
8.3.42 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled' | Windows | CIS IE 11 v1.0.0
8.4.3 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled' | Windows | CIS IE 11 v1.0.0
8.5.3 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled' | Windows | CIS IE 11 v1.0.0
Always open untrusted database files in Protected View | Windows | MSCT Office 365 ProPlus 1908 v1.0.0
Always open untrusted database files in Protected View | Windows | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0
Always prevent untrusted Microsoft Query files from opening | Windows | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0
Always prevent untrusted Microsoft Query files from opening | Windows | MSCT Office 365 ProPlus 1908 v1.0.0
ARDC-CL-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000010 - Adobe Reader DC must enable Enhanced Security in a Browser. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000015 - Adobe Reader DC must enable Protected Mode. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000020 - Adobe Reader DC must enable Protected View. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000025 - Adobe Reader DC must Block Websites. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000030 - Adobe Reader DC must block access to Unknown Websites. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000045 - Adobe Reader DC must block Flash Content. | Windows | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000010 - Adobe Reader DC must enable Enhanced Security in a Browser. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000015 - Adobe Reader DC must enable Protected Mode. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000020 - Adobe Reader DC must enable Protected View. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000025 - Adobe Reader DC must Block Websites. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000030 - Adobe Reader DC must block access to Unknown Websites. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000045 - Adobe Reader DC must block Flash Content. | Windows | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided. | Unix | DISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided. | Unix | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | Windows | DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol | Windows | DISA STIG Apache Server 2.4 Windows Site v2r1
DTAM004 - McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur. | Windows | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM004 - McAfee VirusScan On-Access Scanner General Settings must be configured to notify local users when detections occur. | Windows | DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM022 - McAfee VirusScan On-Delivery Email Scan Policies must be configured to find unknown program threats and Trojans. | Windows | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM022 - McAfee VirusScan On-Delivery Email Scanner must be configured to find unknown program threats and trojans. | Windows | DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTAM023 - McAfee VirusScan On Delivery Email Scan Policies must be configured to find unknown macro threats. | Windows | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM023 - McAfee VirusScan On Delivery Email Scanner Properties must be configured to find unknown macro threats. | Windows | DISA McAfee VirusScan 8.8 Local Client STIG v6r1