Hardware and Software Inventory

How to Meet Requirements 3.6.3 and IR.3.099: Test the organizational incident response capability.

Learn how to “Test the organizational incident response capability” to meet NIST SP 800-171 3.6.3 and CMMC IR.3.099 requirements.

Join our newsletter:

How to Test your incident response capability

Malicious code is software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system.
Anti-Malware software is used to protect a system such as a laptop or server from malicious code. Anti-malware software vendors include MalwareBytes, Defender, and Norton.

What are the NIST SP 800-171 & CMMC Malicious Code Protection Requirements?

Malicious Code Protection
NIST SP 800-171 3.14.2 & CMMC SI.1.211: "Provide protection from malicious code at appropriate locations within organizational information systems."
To meet this requirement You need to install anti-malware software on your laptops, desktops, and servers. If you have smartphones or tablets that you provide your employees, you should install anti-malware software on them. You should also configure your email gateway to block emails containing malware.
NIST SP 800-171 3.14.4 & CMMC - SI.1.212: "Provide protection from malicious code at appropriate locations within organizational information systems."
To meet this requirement You need to install anti-malware software on your laptops, desktops, and servers. If you have smartphones or tablets that you provide your employees, you should install anti-malware software on them. You should also configure your email gateway to block emails containing malware.
NIST SP 800-171 3.14.4 & CMMC - SI.1.212: "Update malicious code protection mechanisms when new releases are available."
To meet this requirement you need to configure your anti-malware solution to update it’s signature database when a new release is available. Some solutions automatically receive signature database updates, others may be configured to check for them periodically (e.g., hourly or daily).
NIST SP 800-171 3.14.5 & CMMC SI.1.213: "Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed."
To meet this requirement uou need to configure your anti-malware solution to perform periodic scans of your systems. This can be in the form of a daily quick scan combined with a weekly full scan, it is up to you to set the frequency. You need to configure your anti-malware solution to perform real time scans. According to the anti-malware software vendor McAfee “Real-time scanning checks files for viruses each time you or your PC accesses them.” Most anti-malware solutions have this capability, you need to ensure that it is activated.
 
 
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.