Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-23919 | STO-ALL-070 | SV-28875r1_rule | Medium |
Description |
---|
Like the traditional hard drive, removable storage devices and media may contain malware which may threaten DoD systems to which they eventually directly or indirectly attach. To mitigate this risk, DoD policy requires anti-virus and malware detection solutions. |
STIG | Date |
---|---|
Removable Storage and External Connections Security Technical Implementation Guide | 2017-03-02 |
Check Text ( C-29524r1_chk ) |
---|
Further policy details: All enterprise and host systems will be configured to perform on-access scanning for viruses/malware upon introduction to a system. If the destination device (e.g., router, camera, or printer) does not support on-access scanning, ensure data is scanned before loading. Reference the Intellipedia webpage related to HBSS for additional guidance regarding proper configuration and scanning capabilities of DoD-approved antivirus software. The antivirus scanning on the host is configured in compliance with the Antivirus Security Guidance (available at http://iase.disa.mil/stigs/checklist/index.html) and the latest version of CTO 10-084 requirements. Check procedures: 1. Inspect a sampling of external drives, USB thumb drives, and other removable storage drives such as cameras. 2. View the process of attaching these devices to an authorized host and verify that files are inspected by the anti-virus software when retrieved on access. 3. Ask the site representative for evidence that verifies that a security review using the Antivirus Security Guidance and the latest version of CTO 10-084 requirements has been performed. 4. Interview the IAO or site representative and verify that incident response procedures include flash media and external hard drive storage devices. |
Fix Text (F-26592r1_fix) |
---|
The host system will perform on-access anti-virus and malware checking, regardless of whether the flash memory device has software or hardware malware features. |