SC-18(1)
SC-18(1): Identify Unacceptable Code / Take Corrective Actions
The information system identifies [organization-defined unacceptable mobile code] and takes [organization-defined corrective actions].
Supplemental
Corrective actions when unacceptable mobile code is detected include, for example, blocking, quarantine, or alerting administrators. Blocking includes, for example, preventing transmission of word processing files with embedded macros when such macros have been defined to be unacceptable mobile code.
CIA Levels | |
---|---|
Confidentiality | unknown |
Integrity | high |
Availability | unknown |
Overlays |
---|
None |
CSF Categories |
---|
None |