Control and monitor the use of mobile code.
Control and monitor the use of Voice over Internet Protocol (VoIP) technologies.
Protect the authenticity of communications sessions.
Protect the confidentiality of CUI at rest.
Employ physical isolation techniques or logical isolation techniques or both in organizational systems and system components.
Identify, report, and correct information and information system flaws in a timely manner.
Provide protection from malicious code at appropriate locations within organizational information systems.
Update malicious code protection mechanisms when new releases are available.
Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.
Identify, report, and correct system flaws in a timely manner.