Navigate

CCI-002636

CCI-002636 Definition

Employ organization-defined tools to analyze the characteristics and behavior of malicious code.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents and implements tools defined in SI-3 (10), CCI 2634 to analyze the characteristics and behavior of malicious code.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented tools to ensure the organization being inspected/assessed employs tools defined in SI-3 (10), CCI 2634 to analyze the characteristics and behavior of malicious code.

Compelling Evidence

1.) Signed and dated system security plan. 2.) Implementation documentation of tools defined in SI-3 (10), CCI 2634 to analyze the characteristics and behavior of malicious code.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002636.

Control	Description
SI-3(10)	The organization: (a): Employs [one of ] to analyze the characteristics and behavior of malicious code; and (b): Incorporates the results from malicious code analysis into organizational incident response and flaw remediation processes.