V-205850
SV-205850r991589_rule
CAT I
Windows Server 2019 must use an anti-virus program.
From: Microsoft Windows Server 2019 Security Technical Implementation Guide (V3R8)
Description
<VulnDiscussion>Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Verify an anti-virus solution is installed on the system. The anti-virus solution may be bundled with an approved host-based security solution.
If there is no anti-virus solution installed on the system, this is a finding.
Verify if Windows Defender is in use or enabled:
Open "PowerShell".
Enter “get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName”
Verify if third-party anti-virus is in use or enabled:
Open "PowerShell".
Enter "get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName”
Enter "get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName”
Fix Text
If no anti-virus software is in use, install Windows Defender or third-party anti-virus.
Open "PowerShell".
Enter "Install-WindowsFeature -Name Windows-Defender”.
For third-party anti-virus, install per anti-virus instructions and disable Windows Defender.
Open "PowerShell".
Enter "Uninstall-WindowsFeature -Name Windows-Defender”.
CCI Reference
CCI-000366- Created
- 2026-04-07 20:08:25
- Last Updated
- 2026-04-07 20:08:25