The operating system must employ malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-28999	SRG-OS-000270	SV-36990r1_rule		Medium

Description
In order to minimize potential negative impact to the organization that can be caused by malicious code, it is imperative that malicious code is identified and eradicated. Malicious code includes viruses, worms, Trojan horses, and spyware. The requirement states that malicious code protection mechanisms, such as anti-virus, must be used on workstations, servers, and mobile computing devices. For the operating system, this means an anti-virus application must be installed.

Description

In order to minimize potential negative impact to the organization that can be caused by malicious code, it is imperative that malicious code is identified and eradicated. Malicious code includes viruses, worms, Trojan horses, and spyware. The requirement states that malicious code protection mechanisms, such as anti-virus, must be used on workstations, servers, and mobile computing devices. For the operating system, this means an anti-virus application must be installed.

STIG	Date
Operating System Security Requirements Guide	2013-03-28

Details

Check Text ( None )
None

Fix Text (None)
None