The organization must employ malicious code protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27141	SRG-APP-NA	SV-34440r1_rule		Medium

Description
Unsolicited email messages otherwise known as SPAM are known to be one of the primary vectors for the propagation of many types of attacks including phishing attacks. SPAM and malware protection techniques include examining email messages, files, and web traffic at border gateways or proxies to determine if the traffic contains SPAM or some other type of malware. This is a requirement to deploy SPAM protection at certain locations on the network. This requirement does not apply to applications.

Description

Unsolicited email messages otherwise known as SPAM are known to be one of the primary vectors for the propagation of many types of attacks including phishing attacks. SPAM and malware protection techniques include examining email messages, files, and web traffic at border gateways or proxies to determine if the traffic contains SPAM or some other type of malware. This is a requirement to deploy SPAM protection at certain locations on the network. This requirement does not apply to applications.

STIG	Date
Application Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None