System and Information Integrity (SI)
Install [Assignment: organization-defined security-relevant software and firmware updates] automatically to [Assignment: organization-defined system components].
System and Information Integrity (SI)
Remove previous versions of [Assignment: organization-defined software and firmware components] after updated versions have been installed.
System and Information Integrity (SI)
Level N/A
a. Implement [Selection (one or more): signature based; non-signature based] malicious code protection mechanisms at system entry and exit points to detect and eradicate malicious code; b. Automatically update malicious code protection mechanisms as new releases are available in accordance with organizational configuration management policy and procedures; c. Configure malicious code protection mechanisms to: 1. Perform periodic scans of the system [Assignment: organization-defined frequency] and real-time scans of files from external sources at [Selection (one or more): endpoint; network entry and exit points] as the files are downloaded, opened, or executed in accordance with organizational policy; and 2. [Selection (one or more): block malicious code; quarantine malicious code; take [Assignment: organization-defined action]]; and send alert to [Assignment: organization-defined personnel or roles] in response to malicious code detection; and d. Address the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the system.
System and Information Integrity (SI)
Level N/A
[Withdrawn: Incorporated into PL-9.]
System and Information Integrity (SI)
[Withdrawn: Incorporated into PL-9.]
System and Information Integrity (SI)
[Withdrawn: Incorporated into SI-3.]
System and Information Integrity (SI)
Update malicious code protection mechanisms only when directed by a privileged user.
System and Information Integrity (SI)
[Withdrawn: Incorporated into AC-6(10).]
System and Information Integrity (SI)
(a) Test malicious code protection mechanisms [Assignment: organization-defined frequency] by introducing known benign code into the system; and (b) Verify that the detection of the code and the associated incident reporting occur.
System and Information Integrity (SI)
[Withdrawn: Incorporated into MP-7.]
