3.13.14Control and monitor the use of Voice over Internet Protocol (VoIP) technologiesDerived
    3.13.15Protect the authenticity of communications sessionsDerived
    3.13.16Protect the confidentiality of CUI at restDerived
    3.14.1Identify, report, and correct system flaws in a timely mannerBase
    3.14.2Provide protection from malicious code at designated locations within organizational systemsBase
    3.14.3Monitor system security alerts and advisories and take action in responseBase
    3.14.4Update malicious code protection mechanisms when new releases are availableDerived
    3.14.5Perform periodic scans of organizational systems and real-time scans of files from external sources as files are downloaded, opened, or executedDerived
    3.14.6Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacksDerived
    3.14.7Identify unauthorized use of organizational systemsDerived