800-53|SI-3b.

Title

MALICIOUS CODE PROTECTION

Description

Updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures;

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

| Name | Plugin | Audit Name |
| --- | --- | --- |
| DTAG008 - The antivirus signature file age must not exceed 7 days. | Windows | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 |
| DTAG008 - The antivirus signature file age must not exceed 7 days. | Windows | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvscan.dat | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvscan.dat | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 |
| DTAVSEL-002 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates. | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 |
| DTAVSEL-002 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates. | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - includeOdsTasks | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - jokesAlert | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - programsAlert | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP host | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP port | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP recipients | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP sender | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - trojansAlert | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - VirusDetected | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes. | Unix | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 |
| EX16-ED-002400 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. | Windows | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 |
| EX16-ED-002410 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. | Windows | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 |
| F5BI-AS-000109 - The BIG-IP ASM module must be configured to update malicious code protection mechanisms and signature definitions when providing content filtering to virtual servers for whenever new releases are available in accordance with organizational configuration management policy and procedures. | F5 | DISA F5 BIG-IP Application Security Manager STIG v2r1 |
| JUSX-IP-000010 - The Juniper Networks SRX Series Gateway IDPS must install updates for predefined signature objects, applications signatures, IDPS policy templates, and device software when new releases are available in accordance with organizational configuration management policy and procedures. | Juniper | DISA Juniper SRX Services Gateway IDPS v2r1 |
| JUSX-IP-000026 - The Juniper Networks SRX Series Gateway IDPS must automatically install updates to signature definitions. | Juniper | DISA Juniper SRX Services Gateway IDPS v2r1 |
| PANW-AG-000060 - The Palo Alto Networks security platform must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures. | Palo_Alto | DISA STIG Palo Alto ALG v3r2 |
| PANW-IP-000024 - The Palo Alto Networks security platform must install updates for application software files, signature definitions, detection heuristics, and vendor-provided rules when new releases are available in accordance with organizational configuration management policy and procedures. | Palo_Alto | DISA STIG Palo Alto IDPS v3r1 |
| PANW-IP-000029 - The Palo Alto Networks security platform must automatically install updates to signature definitions, detection heuristics, and vendor-provided rules. | Palo_Alto | DISA STIG Palo Alto IDPS v3r1 |
| UBTU-16-030910 - The system must update the DoD-approved virus scan program every seven days or more frequently. | Unix | DISA STIG Ubuntu 16.04 LTS v2r3 |
| WNDF-AV-000028 - Microsoft Defender AV spyware definition age must not exceed 7 days. | Windows | DISA STIG Microsoft Defender Antivirus v2r4 |
| WNDF-AV-000029 - Microsoft Defender AV virus definition age must not exceed 7 days. | Windows | DISA STIG Microsoft Defender Antivirus v2r4 |