The IDPS must block malicious code.
Configuring the IDPS to delete and/or quarantine based on local organizational incident handling procedures minimizes the impact of this code on the network.
Configure the IDPS to block malicious code.
Verify the IDPS blocks malicious code. If the IDPS does not block malicious code, this is a finding.