The network device must only update malicious code protection mechanisms when directed by a privileged user.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000253-NDM-NA	SRG-NET-000253-NDM-NA	SRG-NET-000253-NDM-NA_rule		Medium

Description
Malicious code includes viruses, worms, Trojan horses, and spyware. Protection mechanisms that guard against these attacks must be protected against access by unauthorized individuals. Without protection, software upgrades may be implemented that themselves pose a danger to the system. Only privileged users are allowed access to the configuration of the system. This control pertains to anti-virus products which are out of scope.

Description

Malicious code includes viruses, worms, Trojan horses, and spyware. Protection mechanisms that guard against these attacks must be protected against access by unauthorized individuals. Without protection, software upgrades may be implemented that themselves pose a danger to the system. Only privileged users are allowed access to the configuration of the system. This control pertains to anti-virus products which are out of scope.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000253-NDM-NA_chk )
This requirement is NA for network device management.

Fix Text (F-SRG-NET-000253-NDM-NA_fix)
This requirement is NA for network device management.