CCI-001243
Configure malicious code protection mechanisms to block malicious code; quarantine malicious code; and/or take organization-defined action(s) in response to malicious code detection.
1
Rule
Severity: Medium
Kona Site Defender providing content filtering must block malicious code upon detection.
1
Rule
Severity: Medium
Kona Site Defender providing content filtering must send an immediate (within seconds) alert to the system administrator, at a minimum, in response to malicious code detection.
2
Rule
Severity: Medium
The ALG providing content filtering must block malicious code upon detection.
2
Rule
Severity: Medium
The ALG providing content filtering must delete or quarantine malicious code in response to malicious code detection.
2
Rule
Severity: Medium
The ALG providing content filtering must send an immediate (within seconds) alert to the system administrator, at a minimum, in response to malicious code detection.
1
Rule
Severity: Medium
The CA API Gateway providing content filtering must block malicious code upon detection.
1
Rule
Severity: Medium
The CA API Gateway providing content filtering must delete or quarantine malicious code in response to malicious code detection.
1
Rule
Severity: Medium
The CA API Gateway providing content filtering must send an immediate (within seconds) alert to the system administrator, at a minimum, in response to malicious code detection.
2
Rule
Severity: Medium
The IDPS must block malicious code.
2
Rule
Severity: Medium
The IDPS must quarantine and/or delete malicious code.
2
Rule
Severity: Medium
The IDPS must send an immediate (within seconds) alert to, at a minimum, the system administrator when malicious code is detected.
2
Rule
Severity: Medium
The Juniper Networks SRX Series Gateway IDPS must drop packets or disconnect the connection when malicious code is detected.
2
Rule
Severity: Medium
The Juniper Networks SRX Series Gateway IDPS must send an immediate alert to, at a minimum, the Security Control Auditor (SCA) when malicious code is detected.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to automatically take action on all detected tasks.
1
Rule
Severity: Medium
File types must be configured to provide mismatch warnings.
1
Rule
Severity: Medium
Update of automatic links must be configured to prompt.
1
Rule
Severity: Medium
File types must be configured to provide mismatch warnings.
1
Rule
Severity: Medium
The Update of automatic links setting must be configured to prompt user before allowing links to be updated.
2
Rule
Severity: Medium
The TPS must block malicious code.
2
Rule
Severity: High
The TPS must generate a log record so an alert can be configured to, at a minimum, the system administrator when malicious code is detected.
2
Rule
Severity: Medium
The Cisco ASA must be configured to block malicious code.
2
Rule
Severity: Medium
The Cisco ASA must be configured to block traffic from IP addresses that have a known bad reputation based on the latest reputation intelligence.
2
Rule
Severity: Medium
The Cisco ASA must be configured to send an alert to organization-defined personnel and/or the firewall administrator when malicious code is detected.
2
Rule
Severity: Medium
The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals.
2
Rule
Severity: Medium
The Palo Alto Networks security platform must drop malicious code upon detection.
2
Rule
Severity: Medium
The Palo Alto Networks security platform must delete or quarantine malicious code in response to malicious code detection.
2
Rule
Severity: Medium
The Palo Alto Networks security platform must send an immediate (within seconds) alert to the system administrator, at a minimum, in response to malicious code detection.
2
Rule
Severity: Medium
The Palo Alto Networks security platform must detect and drop any prohibited mobile or otherwise malicious code at internal boundaries.
2
Rule
Severity: Medium
The Palo Alto Networks security platform must send an immediate (within seconds) alert to, at a minimum, the SA when malicious code is detected.
1
Rule
Severity: Medium
The F5 BIG-IP appliance must generate event log records that can be forwarded to the centralized events log.