STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Forescout must prohibit installation of software without explicit privileged permission by only authorized individuals.

DISA Rule

SV-230946r615886_rule

Vulnerability Number

V-230946

Group Title

SRG-APP-000378-NDM-000302

Rule Version

FORE-NM-000190

Severity

CAT II

CCI(s)

CCI-001812 - The information system prohibits user installation of software without explicit privileged status.

Weight

Fix Recommendation

Remove accounts that are not authorized. Do not remove the account of last resort.

Compare users with the current SSP and ensure only the users that should have the privilege to update software have the Software Upgrade privilege selected.

1. From the menu, select Tools >> Options >> User Console and Options.
2. Select (highlight) the user profile to be reviewed (group or user) and then select Edit >> Permissions.
3. Disable or delete unauthorized users.

Check Contents

Determine if the network device prohibits installation of software without explicit privileged status. This requirement may be verified by demonstration or configuration review.

1. From the menu, select Tools >> Options >> User Console and Options.
2. Select (highlight) the user profile to be reviewed (group or user) and then select Edit >> Permissions.
3. Check a sampling of users against the current SSP to verify only the users that should have privilege to update software have the Software Upgrade privilege selected.

If installation of software is not prohibited without explicit privileged status, this is a finding.

Forescout must prohibit installation of software without explicit privileged permission by only authorized individuals.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments