The application must prevent non-privileged users from circumventing malicious code protection capabilities.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35684	SRG-APP-000273-AS-NA	SV-46971r1_rule		Medium

Description
Malicious code protection software must be protected so as to prevent a non-privileged user or malicious piece of software from disabling the protection mechanism. A common tactic of malware is to identify the type of malicious code protection software running on the system and deactivate it. Malicious code includes viruses, worms, Trojan horses, and Spyware. Examples include the capability for non-administrative user's to turn off or otherwise disable anti-virus. The requirement is NA. The AS does not provide malicious code protection.

Description

Malicious code protection software must be protected so as to prevent a non-privileged user or malicious piece of software from disabling the protection mechanism. A common tactic of malware is to identify the type of malicious code protection software running on the system and deactivate it. Malicious code includes viruses, worms, Trojan horses, and Spyware. Examples include the capability for non-administrative user's to turn off or otherwise disable anti-virus. The requirement is NA. The AS does not provide malicious code protection.

STIG	Date
Application Server Security Requirements Guide	2013-01-08

Details

Check Text ( C-44026r1_chk )
This requirement is NA for the AS SRG.

Fix Text (F-40226r1_fix)
The requirement is NA. No fix is required.