Overview:Identify, report, and correct information and information system flaws in a timely manner. Action Items:3.14.1[a]Determine if: the time within which to identify system flaws is specified. 3.14.1[b]Determine if: system flaws are identified... Read More
System and Information Integrity
Overview:Monitor the information system including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks. Action Items:3.14.6[a]Determine if: the system is monitored to detect attacks and indicators of... Read More
Overview:Provide protection from malicious code at appropriate locations within organizational information systems. Action Items:3.14.2[a]Determine if: designated locations for malicious code protection are identified. 3.14.2[b]Determine if:... Read More
Overview:Update malicious code protection mechanisms when new releases are available. Action Items:3.14.4[a]Determine if: malicious code protection mechanisms are updated when new releases are available. POTENTIAL ASSESSMENT METHODS AND OBJECTS... Read More
Overview:Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed. Action Items:3.14.5[a]Determine if: the frequency for malicious code scans is defined. 3.14.5[b... Read More
Overview:Monitor information system security alerts and advisories and take appropriate actions in response. Action Items:3.14.3[a]Determine if: response actions to system security alerts and advisories are identified. 3.14.3[b]Determine if: system... Read More
Overview:Identify unauthorized use of the information system. Action Items:3.14.7[a]Determine if: authorized use of the system is defined. 3.14.7[b]Determine if: unauthorized use of the system is identified. POTENTIAL ASSESSMENT METHODS AND OBJECTS... Read More