NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY

SI-3(6) Testing and Verification

(a) Test malicious code protection mechanisms [Assignment: organization-defined frequency] by introducing known benign code into the system; and
(b) Verify that the detection of the code and the associated incident reporting occur.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

None.

Practitioner Notes

Periodically test your malicious code protection to verify it actually detects threats — do not just assume it works because it is installed.

Example 1: Use the EICAR test file to verify your antivirus is working. Download the EICAR test string from eicar.org — it is a harmless file that every legitimate antivirus product detects as "malware." If your AV does not alert, you have a problem.
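One way to automate Example 1 together with the control's verification of incident reporting, as an added Python example that is not part of the original page. The file name, the timeouts and the `alerts` record format (`file` and `time` in epoch seconds, exported from your AV console or SIEM) are assumptions.

```python
import os
import time

# EICAR standard antivirus test string (68 bytes, benign). Kept as two literals
# so that an on-access scanner does not quarantine this script itself.
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$" + b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
TEST_NAME = "si-3-6-eicar-test.com"  # assumed file name, pick your own

def drop_and_watch(directory, timeout=30.0, poll=0.5):
    """Test step: write the file, then report how the AV reacted, if at all.

    `directory` must exist and be writable by this user; otherwise an ordinary
    permission error would be misread as the AV blocking the write."""
    result = {"path": os.path.join(directory, TEST_NAME),
              "dropped_at": time.time(), "detected": True}
    try:
        with open(result["path"], "wb") as fh:
            fh.write(EICAR)
    except OSError:
        return {**result, "action": "write blocked"}
    deadline = time.monotonic() + timeout
    try:
        while time.monotonic() < deadline:
            with open(result["path"], "rb") as fh:
                if fh.read() != EICAR:
                    return {**result, "action": "content altered"}
            time.sleep(poll)
        os.remove(result["path"])  # nothing reacted: clean up our own test file
    except FileNotFoundError:
        return {**result, "action": "removed or quarantined"}
    except PermissionError:
        return {**result, "action": "access blocked"}
    return {**result, "detected": False, "action": "none"}

def reporting_verified(alerts, result, max_delay=300):
    """Verify step: did an alert naming the test file arrive within `max_delay`
    seconds of the drop? `alerts` is a list of {"file": str, "time": epoch
    seconds} records exported from the AV console or SIEM (assumed format)."""
    name = os.path.basename(result["path"]).lower()
    return any(name in a["file"].lower()
               and 0 <= a["time"] - result["dropped_at"] <= max_delay
               for a in alerts)
```

A result that shows detection but has no matching alert means the endpoint caught the file while the incident-reporting path did not fire, which is the gap the verification step exists to find.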

Example 2: Conduct periodic red team exercises or phishing simulations that include benign payload delivery. Track whether your endpoint protection detects and blocks the simulated attacks. Use the results to tune your detection policies.