On 7/5/12 4:52 PM, Willy Santos wrote:
CCI-001239 requires malicious code protection, e.g. AV. This mapping is a
request for input/discussion.
Signed-off-by: Willy Santos <[email protected]>
---
rhel6/src/input/auxiliary/srg_support.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/auxiliary/srg_support.xml
b/rhel6/src/input/auxiliary/srg_support.xml
index a58ab6b..fa0dc81 100644
--- a/rhel6/src/input/auxiliary/srg_support.xml
+++ b/rhel6/src/input/auxiliary/srg_support.xml
@@ -38,7 +38,7 @@ The requirement is impractical or out of scope.
<description>
It is unclear how to satisfy this requirement.
</description>
-<ref disa="20,31,218,219,224,1097,1158" />
+<ref disa="20,31,218,219,224,1097,1158,1239" />
</Group> <!-- end requirement_unclear -->
<Group id="new_rule_needed">
SRG-OS-000193 CCI-001239 The operating system must have malicious code
protection mechanisms at system entry and exit points to detect and
eradicate malicious code transported by electronic mail, electronic mail
attachments, web accesses, removable media, or other common means. In
order to minimize potential negative impact to the organization caused
by malicious code, it is imperative that malicious code is identified
and eradicated prior to entering protected enclaves via operating system
entry and exit points. The requirement states that AV and malware
protection applications must be used at entry and exit points. For the
operating system, this means an anti-virus application must be installed
on machines that are the entry and exit points.
This makes sense from an environmental perspective, but OS distributors
are not anti-virtus and malware companies. impractical_product.
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
