Navigate

SC-18(1)

SC-18(1): Identify Unacceptable Code and Take Corrective Actions

Identify [unacceptable mobile code to be identified is defined;] and take [corrective actions to be taken when unacceptable mobile code is identified are defined;].

Supplemental

Corrective actions when unacceptable mobile code is detected include blocking, quarantine, or alerting administrators. Blocking includes preventing the transmission of word processing files with embedded macros when such macros have been determined to be unacceptable mobile code.

CIA Levels
Confidentiality	unknown
Integrity	low
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to SC-18(1).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SC-18(1).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SC-18(1).

CCI	Definition
CCI-001166	Identify organization-defined unacceptable mobile code.
CCI-001662	Take organization-defined corrective action when organization-defined unacceptable mobile code is identified.
CCI-002457	Defines the corrective actions to be taken when organization-defined unacceptable mobile code is identified.
CCI-002458	Defines what constitutes unacceptable mobile code by using corrective actions.