Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1074 | WN08-GE-000002 | SV-48017r1_rule | ECVP-1 | High |
Description |
---|
Virus scan programs are a primary line of defense against the introduction of viruses and malicious code that can destroy data and even render a computer inoperable. Utilizing the most current virus scan program provides the ability to detect this malicious code before extensive damage occurs. Updated virus scan data files help protect a system, as new malware is identified by the software vendors on a regular basis. |
STIG | Date |
---|---|
Windows 8 Security Technical Implementation Guide | 2014-01-07 |
Check Text ( C-44755r2_chk ) |
---|
If one of the following products is not installed and supported at an appropriate maintenance level, this is a finding: McAfee VirusScan Enterprise Version 8.8 Patch 3 or later Symantec Endpoint Protection (SEP) 12.1 Release Update 2 or later If the antivirus program signature file is not dated within the past 7 days, this is a finding. The version numbers and the date of the signature file can generally be checked by starting the antivirus program from the toolbar icon or from the Start menu. The information may appear in the antivirus window or be available in the Help > About window. The location varies from product to product. Email versions of antivirus software are not acceptable as protection for Windows operating systems. However, both the email antivirus software and the operating system antivirus software can coexist and run on the same system. If another recognized antivirus product is installed and has a current signature file, this would still be a finding; however, the severity code may be reduced to a Category III. |
Fix Text (F-41155r1_fix) |
---|
Configure the system with supported, DoD-approved virus scanning software. Ensure the signature file is current. |