NIST SP 800-171 & CMMC 2.0 3.14.5 Requirement:

Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.

NIST SP 800-171 & CMMC 2.0 3.14.5 Requirement Explanation:

Attackers may attempt to install malware on your systems. Once doing so, they can control your systems and access the data stored on them. Anti-malware software help prevents the installation of malware. It can also remove existing malware from a system.

Example NIST SP 800-171 & CMMC 2.0 3.14.5 Implementation:

Install anti-malware (aka Anti-Virus) software on your workstations and servers. Configure your anti-malware software to scan files from the internet. This includes when they are downloaded, opened, or executed. Configure your anti-malware software to periodically scan your systems. For example, a full system scan once a week every Friday at 5:00 PM.

NIST SP 800-171 & CMMC 2.0 3.14.5 Scenario(s):

- Scenario 1:

Alice wants to prevent malware from being installed on her company's computers. To achieve this she purchases an enterprise anti-malware solution. She installs the anti-malware software onto all her workstations and servers. Alice configures and deploys an anti-malware policy to her systems. The policy instructs the anti-malware software to scan files downloaded from the internet. It also scans files before they are opened or executed. Alice's policy also tells the software to run a full system scan weekly every Friday at 5:00 PM.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.