Fedramp system Security Plan (ssp) High Baseline Template


SI-3 Malicious Code Protection (H)



Download 1.2 Mb.
Page432/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   428   429   430   431   432   433   434   435   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

SI-3 Malicious Code Protection (H)


The organization:

  1. Employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code;

  2. Updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures;

  3. Configures malicious code protection mechanisms to:

    1. Perform periodic scans of the information system [FedRAMP Assignment: at least weekly] and real-time scans of files from external sources at [FedRAMP Assignment: to include endpoints] as the files are downloaded, opened, or executed in accordance with organizational security policy; and

    2. [FedRAMP Assignment: to include blocking and quarantining malicious code and alerting administrator or defined security personnel near-real-time] in response to malicious code detection; and

  1. Addresses the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the information system.



SI-3


Download 1.2 Mb.

Share with your friends:
1   ...   428   429   430   431   432   433   434   435   ...   478



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy