Information Security

CIS Safeguard 10.1 - Deploy and Maintain Anti-Malware Software

Last modified 7/16/2021

Objective

Deploy and maintain anti-malware software on all enterprise assets.

Guidance

The Information Security Office provides the following guidance for complying with CIS Control 10 - Malware Defenses.

  • Windows Desktop

The Information Security Office manages a baseline configuration for complying with CIS Control 10 - Malware Defenses. Devices successfully configured with the items below will be considered compliant.

  • Deploy ConfigMgr Antimalware Policy

Deploy the Antimalware Policy named ISU Antimalware Policy in ConfigMgr.

For more information, follow this procedure here - Deploying a ConfigMgr Antimalware Policy Procedure

  • Deploy ConfigMgr Microsoft Defender for Endpoint Policy

Deploy the Microsoft Defender for Endpoint Policy named ISU Microsoft Defender for Endpoint in ConfigMgr.

For more information, follow this procedure here - Deploying a ConfigMgr Microsoft Defender for Endpoint Policy Procedure

  • Deploy Configuration Baseline

Deploy the Configuration Baseline named ISU CIS Control 10 - Malware Defenses, with remediation enabled to your devices using Microsoft Endpoint Configuration Manager (ConfigMgr).

For more information, follow this procedure here - Deploying a ConfigMgr Configuration Baseline Procedure

  • Configuration Baseline Settings

Configuration Item - ISU CIS Safeguard 10.1 

Powershell Script
  • Check to see if Windows Defender is enabled.
  • Check to see if Windows Defender for Endpoint is onboarded and enabled.

  • Verify Device Compliance

Monitor your deployment of Configuration Baseline ISU CIS Control 10 - Malware Defenses in ConfigMgr.

For more information, follow this procedure here - Monitoring a ConfigMgr Configuration Baseline Procedure

Additional Information

The following items are to provide context or better understanding of this standard:

  • CIS Controls v8 License Statement

This work is licensed under a Creative Commons Attribution-Non Commercial-No Derivatives 4.0 International Public License (the link can be found at https://creativecommons.org/licenses/bync-nd/4.0/legalcode). To further clarify the Creative Commons license related to the CIS Controls content, you are authorized to copy and redistribute the content as a framework for use by you, within your organization and outside of your organization, for non-commercial purposes only, provided that (i) appropriate credit is given to CIS, and (ii) a link to the license is provided. Additionally, if you remix, transform, or build upon the CIS Controls, you may not distribute the modified materials. Users of the CIS Controls framework are also required to refer to (http://www.cisecurity.org/controls/) when referring to the CIS Controls in order to ensure that users are employing the most up-to-date guidance. Commercial use of the CIS Controls is subject to the prior approval of CIS® (Center for Internet Security, Inc.®).