NIST SP 800-171 & CMMC 2.0 3.14.5 Requirement:

Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.

NIST SP 800-171 & CMMC 2.0 3.14.5 Requirement Explanation:

Attackers may attempt to install malware on your systems. Once doing so, they can control your systems and access the data stored on them. Anti-malware software help prevents the installation of malware. It can also remove existing malware from a system.

Example NIST SP 800-171 & CMMC 2.0 3.14.5 Implementation:

Install anti-malware (aka Anti-Virus) software on your workstations and servers. Configure your anti-malware software to scan files from the internet. This includes when they are downloaded, opened, or executed. Configure your anti-malware software to periodically scan your systems. For example, a full system scan once a week every Friday at 5:00 PM.

NIST SP 800-171 & CMMC 2.0 3.14.5 Scenario(s):

- Scenario 1:

Alice wants to prevent malware from being installed on her company's computers. To achieve this she purchases an enterprise anti-malware solution. She installs the anti-malware software onto all her workstations and servers. Alice configures and deploys an anti-malware policy to her systems. The policy instructs the anti-malware software to scan files downloaded from the internet. It also scans files before they are opened or executed. Alice's policy also tells the software to run a full system scan weekly every Friday at 5:00 PM.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
Learn More
HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
Learn More
FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
Learn More
ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.
Learn More