Configure Virus and Malware Protection settings in accordance with organizational standards.
CONTROL ID 07906
CONTROL TYPE Configuration
CLASSIFICATION Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Establish, implement, and maintain system hardening procedures., CC ID: 12001
This Control has the following implementation support Control(s):
Configure "Turn on behavior monitoring" to organizational standards., CC ID: 15407
Configure "Turn off real-time protection" to organizational standards., CC ID: 15406
Configure "Scan all downloaded files and attachments" to organizational standards., CC ID: 15404
Configure "Scan removable drives" to organizational standards., CC ID: 15401
Configure "Configure Attack Surface Reduction rules: Set the state for each ASR rule" to organizational standards., CC ID: 15392
Configure "Join Microsoft MAPS" to organizational standards., CC ID: 15384
Configure "Configure detection for potentially unwanted applications" to organizational standards., CC ID: 15375
Configure "Turn off Microsoft Defender AntiVirus" to organizational standards., CC ID: 15371
Configure "Enable file hash computation feature" to organizational standards., CC ID: 15340
Configure the "Internet Explorer Processes" to organizational standards., CC ID: 07907
Configure the "Turn on the auto-complete feature for user names and passwords on forms" to organizational standards., CC ID: 07941
Configure the "Automatic prompting for file downloads" to organizational standards., CC ID: 07950
Configure the "Use SmartScreen Filter" to organizational standards., CC ID: 07952
Configure the "Run ActiveX controls and plugins" to organizational standards., CC ID: 07954
Configure the "Java permissions" to organizational standards., CC ID: 07969
Configure the "Use Pop-up Blocker" to organizational standards., CC ID: 07990
Configure the "Prevent Bypassing SmartScreen Filter Warnings" to organizational standards., CC ID: 07994
Configure the "Allow cut, copy or paste operations from the clipboard via script" to organizational standards., CC ID: 07997
Configure the "Allow software to run or install even if the signature is invalid" to organizational standards., CC ID: 08019
Configure the "Do not allow users to enable or disable add-ons" to organizational standards., CC ID: 08035
Configure the "Disable AutoComplete for forms" to organizational standards., CC ID: 08066
Configure the "Download unsigned ActiveX controls" to organizational standards., CC ID: 08073
Configure the "Scripting of Java applets" to organizational standards., CC ID: 08105
Configure the "Allow only approved domains to use ActiveX controls without prompt" to organizational standards., CC ID: 08374
Configure the "Prevent per-user installation of ActiveX controls" to organizational standards., CC ID: 08382
Configure the "Turn on Cross-Site Scripting Filter" to organizational standards., CC ID: 08395
Configure the "Turn on certificate address mismatch warning" to organizational standards., CC ID: 08410
Configure the "Show security warning for potentially unsafe files" to organizational standards., CC ID: 08412
Configure the "Turn on Protected Mode" to organizational standards., CC ID: 08471
Configure the "Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled" to organizational standards., CC ID: 08510
Configure the "Check for signatures on downloaded programs" to organizational standards., CC ID: 08584
Configure the "Specify use of ActiveX Installer Service for installation of ActiveX controls" to organizational standards., CC ID: 08587
Configure the "Prevent changing the URL for checking updates to Internet Explorer and Internet Tools" to organizational standards., CC ID: 08589
Configure the "Enable MIME Sniffing" to organizational standards., CC ID: 08591
Configure "Prevent downloading of enclosures" to organizational standards., CC ID: 08612
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
Organizations should continuously monitor all images for embedded malware. The monitoring processes should include the use of malware signature sets and behavioral detection heuristics based largely on actual "in the wild" attacks. (4.1.3 ¶ 1, NIST SP 800-190, Application Container Security Guide)