The operating system must employ automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization-defined frequency.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-59785 | AOSX-10-001465 | SV-74215r1_rule | High |
| Description |
|---|
| An approved anti-virus product must be installed and configured to run. Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system. |
| STIG | Date |
|---|---|
| Apple OS X 10.10 (Yosemite) Workstation Security Technical Implementation Guide | 2017-04-06 |
Details
| Check Text ( C-60541r1_chk ) |
|---|
| Ask the SA or ISSO if an approved anti-virus solution is loaded on the system. The anti-virus solution may be bundled with an approved host-based security solution. If there is no local anti-virus solution installed on the system, this is a finding. |
| Fix Text (F-65195r1_fix) |
|---|
| Install an approved anti-virus solution onto the system. |