SI-3 (4)     Malicious Code Protection | Updates Only By Privileged Users 

The information system updates malicious code protection mechanisms only when directed by a privileged user.

                    
                

            


        

    


    

        

        

            

                
Applicable CNSSI 1253 Baselines

            

        


        

            


                


                    

                        

                            

                                
Confidentiality

                            

                        

                        

                            

                                
    
                                    
  • 
                                        
                                        L
                                        
                                    
    • 
                                    
  • 
                                        
                                        M
                                        
                                    
    • 
                                    
  • 
                                        
                                        H
                                        
                                    
    • 
                                

                            

                            
                        

                    


                    

                        

                            

                                
Integrity

                            

                        

                        

                            

                                
    
                                    
  • 
                                        
                                        L
                                        
                                    
    • 
                                    
  • 
                                        
                                        M
                                        
                                    
    • 
                                    
  • 
                                        
                                        H
                                        
                                    
    • 
                                

                            

                            
                        

                    


                    

                        

                            

                                
Availability

                            

                        

                        

                            

                                
    
                                    
  • 
                                        
                                        L
                                        
                                    
    • 
                                    
  • 
                                        
                                        M
                                        
                                    
    • 
                                    
  • 
                                        
                                        H
                                        
                                    
    • 
                                

                            

                            
                        

                    


                


            


        


        
        

        

            

                
Supplemental Guidance

            

        

        

            

                
This control enhancement may be appropriate for situations where for reasons of security or operational continuity, updates are only applied when selected/approved by designated organizational personnel.

            

        

        

        
        

        

            

                
Related Controls