Employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code;
Updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures;
Configures malicious code protection mechanisms to:
Perform periodic scans of the information system [Assignment: organization-defined frequency] and real-time scans of files from external sources at [Selection (one or more); endpoint; network entry/exit points] as the files are downloaded, opened, or executed in accordance with organizational security policy; and
[Selection (one or more): block malicious code; quarantine malicious code; send alert to administrator; [Assignment: organization-defined action]] in response to malicious code detection; and
Addresses the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the information system.