STIGQter: STIG Summary: McAfee Application Control 8.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: McAfee Application Control 8.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-213341r557322_rule
V-213341
SRG-APP-000386
MCAC-TE-000115
CAT II
10
From the McAfee ePO console, select Menu >> Systems >> System Tree.
To apply a client task to a group, select a group in the System Tree and switch to the "Assigned Client Tasks" tab.
To apply a client task to an endpoint, select the endpoint on the "Systems" page and then click Actions >> Agent >> Modify Tasks on a Single System.
Click Actions >> New Client Task Assignment to open the "Client Task Assignment Builder" page.
Select "Solidcore 8.x" for the product and "SC: Pull Inventory" for the task type and then click "Create New Task" to open the "Client Task Catalog" page.
Specify the task name and add any descriptive information.
Click "Save".
Click "Next" to open the "Schedule" page. Schedule the task to run at least as frequently as every 7 days and then click "Next".
Review and verify the task details and then click "Save".
Note: For VDI workstations that are reset copies of a VDI master image, this requirement is Not Applicable. For VDI master images, once an inventory is pulled after updates, further inventory is not required.
Note: This requirement is only applicable to Windows platforms. For MAC and Linux platforms, this is Not Applicable.
Consult with the ISSO to determine the endpoints used for the sampling of inventory pulls.
From the McAfee ePO console, select Menu >> Systems >> System Tree.
If sampling is a group, select the group in the System Tree and switch to the “Assigned Client Tasks” tab.
Otherwise, select each endpoint on the “Systems” page and then click Actions >> Agent >> Modify Tasks on a Single System.
Confirm a client task exists with an “SC: Pull Inventory” task type. Review the task properties to validate the task is configured to run at least as frequently as every 7 days and tasks randomize the inventory pulls.
If a sampling of endpoints does not have a “Pull Inventory” task type applied and/or the “Pull Inventory” task is not configured to run at least as frequently as every 7 days at randomized intervals, this is a finding.
V-213341
False
MCAC-TE-000115
Note: For VDI workstations that are reset copies of a VDI master image, this requirement is Not Applicable. For VDI master images, once an inventory is pulled after updates, further inventory is not required.
Note: This requirement is only applicable to Windows platforms. For MAC and Linux platforms, this is Not Applicable.
Consult with the ISSO to determine the endpoints used for the sampling of inventory pulls.
From the McAfee ePO console, select Menu >> Systems >> System Tree.
If sampling is a group, select the group in the System Tree and switch to the “Assigned Client Tasks” tab.
Otherwise, select each endpoint on the “Systems” page and then click Actions >> Agent >> Modify Tasks on a Single System.
Confirm a client task exists with an “SC: Pull Inventory” task type. Review the task properties to validate the task is configured to run at least as frequently as every 7 days and tasks randomize the inventory pulls.
If a sampling of endpoints does not have a “Pull Inventory” task type applied and/or the “Pull Inventory” task is not configured to run at least as frequently as every 7 days at randomized intervals, this is a finding.
M
3982