Applications providing malicious code protection must support organizational requirements to configure malicious code protection mechanisms to perform real-time scans of files from external sources as the files are downloaded, opened, or executed in accordance with organizational security policy.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36301	SRG-APP-278-NA	SV-47705r1_rule		Medium

Description
Malicious code protection mechanisms include but are not limited to anti-virus and malware detection software. In order to minimize potential negative impact to the organization that can be caused by malicious code, it is imperative that malicious code is identified and eradicated. Rationale for non-applicability: The MDM server does not perform malware scanning of downloaded files on managed mobile devices.

Description

Malicious code protection mechanisms include but are not limited to anti-virus and malware detection software. In order to minimize potential negative impact to the organization that can be caused by malicious code, it is imperative that malicious code is identified and eradicated. Rationale for non-applicability: The MDM server does not perform malware scanning of downloaded files on managed mobile devices.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44542r1_chk )
This requirement is NA for the MDM server SRG.

Fix Text (F-40832r1_fix)
The requirement is NA. No fix is required.