CCI-002622
CCI-002622 Definition
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed configures the malicious code protection mechanisms identified in SI-3, CCI 2620 to eradicate malicious code.
Validation Procedures
The organization conducting the inspection/assessment examines the information system architecture as well as the organization's documentation of information system exit points and verifies that malicious code protection mechanisms are implemented to eradicate malicious code.
Compelling Evidence
1.) Security plan documents all exit points for information system (Reviewer [Scan/Network] will confirm actual exit points match documentation) and malicious code protections being used, as well as frequency by which protection signatures are updated (Reviewer [Network/HBSS] will validate that protections are being used and signatures are current) 2.) Signed and dated product protection software logs (such as HBSS).