CCI-001251

Test malicious code protection mechanisms on an organization-defined frequency by introducing a known benign code into the system.

Implementation Guidance

The organization being inspected/assessed documents and implement a process to test malicious code protection mechanisms twice annually or when substantial changes are made to the malicious code protection mechanisms by introducing a known benign, non-spreading test case into the information system. DoD has defined the frequency as twice annually or when substantial changes are made to the malicious code protection mechanisms.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process and test results to ensure the organization being inspected/assessed tests malicious code protection mechanisms twice annually or when substantial changes are made to the malicious code protection mechanisms by introducing a known benign, non-spreading test case into the information system. DoD has defined the frequency as twice annually or when substantial changes are made to the malicious code protection mechanisms.

Compelling Evidence

1.) Signed and dated system security plan with a reference to the section pertaining to a the process and subsequent test results to ensure the organization being inspected/assessed tests malicious code protection mechanisms twice annually or when substantial changes are made to the malicious code protection mechanisms by introducing a known benign, non-spreading test case into the information system. DoD has defined the frequency as twice annually or when substantial changes are made to the malicious code protection mechanisms.

The controls below (if any) were marked by NIST as being related to CCI-001251.