Check diagnostic and maintenance media for malicious code before you use it.
What it actually means
Check media containing diagnostic and test programs for malicious code before using it on your systems. Vendor maintenance tools and diagnostic USBs can carry malware — scan them before they touch your environment.
Pass or fail — an assessor needs a "yes" to each
- Is diagnostic and test media scanned for malicious code before use on your systems?
What to have ready
- Procedure requiring scanning of maintenance media
- Anti-malware scan records for maintenance media
Where teams trip up
- Plugging vendor diagnostic media straight into systems
- No scanning step for maintenance tools
See where this control puts your score
Run all 110 requirements free in about 10 minutes.
Calculate your SPRS score →