Endpoint Security
Mechanisms exist to centrally-manage antimalware technologies.
Endpoint Security
Level N/A
Mechanisms exist to utilize heuristic / nonsignature-based antimalware detection capabilities.
Endpoint Security
Level N/A
Mechanisms exist to test antimalware technologies by introducing a known benign, non-spreading test case into the system and subsequently verifying that both detection of the test case and associated incident reporting occurs.
Endpoint Security
Level N/A
Mechanisms exist to perform periodic evaluations evolving malware threats to assess systems that are generally not considered to be commonly affected by malicious software.
Endpoint Security
Level N/A
Mechanisms exist to ensure that anti-malware technologies are continuously running in real-time and cannot be disabled or altered by non-privileged users, unless specifically authorized by management on a case-by-case basis for a limited time period.
Endpoint Security
Level N/A
Mechanisms exist to utilize host-based firewall software, or a similar technology, on all information systems, where technically feasible.
Endpoint Security
Level N/A
Mechanisms exist to utilize File Integrity Monitor (FIM) technology to detect and report unauthorized changes to system files and configurations.
Endpoint Security
Level N/A
Mechanisms exist to validate configurations through integrity checking of software and firmware.
Endpoint Security
Level N/A
Mechanisms exist to detect and respond to unauthorized configuration changes as cybersecurity incidents.
Endpoint Security
Automated mechanisms exist to alert incident response personnel upon discovering discrepancies during integrity verification.
