CMMC Domain SI System and Information Integrity

Protect your network from malicious code execution by applying security patches in a timely manner and using anti-malware software.

SI.3.220
Utilize sandboxing to detect or block potentially malicious email.
SI.1.212
Update malicious code protection mechanisms when new releases are available.
SI.3.218
Employ spam protection mechanisms at information system access entry and exit points.
SI.2.216
Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.
SI.1.210
Identify, report, and correct information system flaws in a timely manner.
SI.2.214
Monitor system security alerts and advisories and take action in response.
SI.4.221
Use threat indicator information relevant to the information and systems being protected and effective mitigations obtained from external organizations to inform intrusion detection and threat hunting.
SI.5.223
Monitor individuals and system components on an ongoing basis for anomalous or suspicious behavior.
SI.2.217
Identify unauthorized use of organizational systems.
SI.3.219
Implement email forgery protections.
SI.1.213
Perform periodic scans of information systems and real-time scans of files from external sources as files are downloaded, opened, or executed.
SI.1.211
Provide protection from malicious code at appropriate locations within organizational information systems.
SI.5.222
Analyze system behavior to detect and mitigate execution of normal system commands and scripts that indicate malicious actions.