Navigate

CCI-001669

CCI-001669 Definition

Defines the frequency of testing malicious code protection mechanisms.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the frequency as twice annually or when substantial changes are made to the malicious code protection mechanisms.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the frequency as twice annually or when substantial changes are made to the malicious code protection mechanisms.

Compelling Evidence

Automatically compliant.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001669.

Control	Description
SI-3(6)	The organization: (a): Tests malicious code protection mechanisms [organization-defined frequency] by introducing a known benign, non-spreading test case into the information system; and (b): Verifies that both detection of the test case and associated incident reporting occur.