UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

An approved, up-to-date, DoD antivirus program must be installed and used.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1074 5.007 SV-29470r3_rule ECVP-1 High
Description
Antivirus programs are a primary line of defense against the introduction of viruses and malicious code that can destroy data and even render a computer inoperable. Utilizing an antivirus program provides the ability to detect malicious code before extensive damage occurs. Updated virus scan data files help to protect a system, since new malware are identified by the software vendors on a continual basis.
STIG Date
Windows 2008 Member Server Security Technical Implementation Guide 2015-09-02

Details

Check Text ( C-61989r2_chk )
If V-19910 from an antivirus STIG has been applied to the system, the signature verification portion of this requirement is NA.

Verify a supported DoD antivirus product has been installed on the system.

If McAfee VirusScan Enterprise 8.8 or later is not installed on the system, this is a finding.

And

If a product other than McAfee VirusScan Enterprise is used and V-19910 from an antivirus STIG has not been applied to the system, verify the date of the antivirus signature.

If the antivirus program signature has not been updated within the past 7 days, this is a finding.

The version numbers and the date of the signature can generally be checked by starting the antivirus program. The information may appear in the antivirus window or be available in the Help >> About window. The location varies from product to product.
Fix Text (F-66885r1_fix)
Install McAfee VirusScan Enterprise 8.8 or later on the system. Update the signature file at least every 7 days.