Detections
Analytics

800-53|SC-18(1)

Title

IDENTIFY UNACCEPTABLE CODE / TAKE CORRECTIVE ACTIONS

Description

The information system identifies [Assignment: organization-defined unacceptable mobile code] and takes [Assignment: organization-defined corrective actions].

Supplemental

Corrective actions when unacceptable mobile code is detected include, for example, blocking, quarantine, or alerting administrators. Blocking includes, for example, preventing transmission of word processing files with embedded macros when such macros have been defined to be unacceptable mobile code.

Reference Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: MOBILE CODE

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.6 Set 'Select SmartScreen Filter mode for Internet Explorer 9' to 'Enabled:On'WindowsCIS IE 9 v1.0.0
2.2.4.7.2.1.1 Ensure 'Always prevent untrusted Microsoft Query files from opening' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.1.0 L1
2.2.4.7.2.1.2 Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.1.0 L1
2.2.4.7.2.1.3 Ensure 'Don't allow Dynamic Data Exchange (DDE) server lookup in Excel' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.1.0 L1
2.2.4.7.2.3.1 Ensure 'Always open untrusted database files in Protected View' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.1.0 L1
3.1.2 Ensure 'Default geolocation setting' is set to 'Enabled: Do not allow any site to track the users' physical location'WindowsCIS Google Chrome L1 v2.1.0
3.2 Ensure 'Default geolocation setting' is set to 'Enabled' with 'Do not allow any site to track the users' physical location'WindowsCIS Google Chrome L1 v2.0.0
3.15 Ensure 'Enable URL-keyed anonymized data collection' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.0.0
3.16 Ensure 'Enable URL-keyed anonymized data collection' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.1.0
7.3 Set 'Mime Sniffing Safety Feature' to 'Enabled'WindowsCIS IE 11 v1.0.0
7.3 Set 'Mime Sniffing Safety Feature' to 'Enabled'WindowsCIS IE 10 v1.1.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - (Reserved)WindowsCIS IE 9 v1.0.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - explorer.exeWindowsCIS IE 9 v1.0.0
7.4 Set 'Consistent Mime Handling' to 'Enabled' - iexplore.exeWindowsCIS IE 9 v1.0.0
7.6 Set 'Consistent Mime Handling' to 'Enabled'WindowsCIS IE 11 v1.0.0
7.6 Set 'Consistent Mime Handling' to 'Enabled'WindowsCIS IE 10 v1.1.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - (Reserved)WindowsCIS IE 9 v1.0.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - explorer.exeWindowsCIS IE 9 v1.0.0
7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - iexplore.exeWindowsCIS IE 9 v1.0.0
8.1.34 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'WindowsCIS IE 11 v1.0.0
8.2.4 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'WindowsCIS IE 11 v1.0.0
8.3.42 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'WindowsCIS IE 11 v1.0.0
8.4.3 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'WindowsCIS IE 11 v1.0.0
8.5.3 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled'WindowsCIS IE 11 v1.0.0
ARDC-CL-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000010 - Adobe Reader DC must enable Enhanced Security in a Browser.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000015 - Adobe Reader DC must enable Protected Mode.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000020 - Adobe Reader DC must enable Protected View.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000025 - Adobe Reader DC must Block Websites.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000030 - Adobe Reader DC must block access to Unknown Websites.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000045 - Adobe Reader DC must block Flash Content.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000010 - Adobe Reader DC must enable Enhanced Security in a Browser.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000015 - Adobe Reader DC must enable Protected Mode.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000020 - Adobe Reader DC must enable Protected View.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000025 - Adobe Reader DC must Block Websites.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000030 - Adobe Reader DC must block access to Unknown Websites.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000045 - Adobe Reader DC must block Flash Content.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r3
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r3 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r3
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r3 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r1 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r1