NIST 800-171 R-3.7.4
Check Maintenance Media for Malicious Code
Official citation: 3.7.4
Class: core · Severity: medium
Statement of the obligation — verify against source
3.7.4
What it means
Check media that carries diagnostic and test programs for malicious code before using it on your systems. If you find malicious code, handle it through your incident-response process.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.