{"description": "Virus scanning software can be used to protect a system from penetration from\ncomputer viruses and to limit their spread through intermediate systems.\n\nThe virus scanning software should be configured to perform scans dynamically\non accessed files. If this capability is not available, the system must be\nconfigured to scan, at a minimum, all altered files on the system on a daily\nbasis.\n\nIf the system processes inbound SMTP mail, the virus scanner must be configured\nto scan all received mail.", "rationale": "Virus scanning software can be used to detect if a system has been compromised by\ncomputer viruses, as well as to limit their spread to other systems.", "severity": "high", "references": {"cis-csc": ["12", "13", "14", "4", "7", "8"], "cobit5": ["APO01.06", "APO13.02", "BAI02.01", "BAI06.01", "DSS04.07", "DSS05.01", "DSS05.02", "DSS05.03", "DSS06.06"], "isa-62443-2009": ["4.3.4.3.8", "4.4.3.2"], "isa-62443-2013": ["SR 3.2", "SR 3.3", "SR 3.4", "SR 4.1"], "iso27001-2013": ["A.12.2.1", "A.14.2.8", "A.8.2.3"], "nist": ["CM-6(a)"], "nist-csf": ["DE.CM-4", "DE.DP-3", "PR.DS-1"], "srg": ["SRG-OS-000480-GPOS-00227"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "there is no anti-virus solution installed on the system", "ocil": "Verify an anti-virus solution is installed on the system. The anti-virus solution may be\nbundled with an approved host-based security solution.", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Install Virus Scanning Software", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml", "template": null}