CMMC Practice SC.4.202: Employ mechanisms to analyze executable code and scripts (e.g., sandbox) traversing Internet network boundaries or other organizationally defined boundaries.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
The organization shall install systems that automatically analyze executable and mobile code passing through the system boundary (e.g., downloaded from the Internet or other transmission method.) This practice is not focused on email, which is covered in practice SI.3.220. Any executable or mobile code identified as suspicious should be quarantined andnot allowed to pass through to the user until confirmed not to be malware or required for a business purposes.