STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Tanium Server must be configured to only allow signed content to be imported.

DISA Rule

SV-234087r612749_rule

Vulnerability Number

V-234087

Group Title

SRG-APP-000131

Rule Version

TANS-SV-000015

Severity

CAT II

CCI(s)

• CCI-001749 - The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.

Weight

10

Fix Recommendation

Contact Tanium for a corrected license file.

Check Contents

Note: This requirement only applies to Tanium implementations in production. If implementation being evaluated is in development, this requirement is Not Applicable.

Access the Tanium Server through interactive logon.

Drill to Program Files >> Tanium >> Tanium Server.

Open the "tanium.license" in Notepad and search for "allow_unsigned_import".

If "allow unsigned_import" is followed by ":true", this is a finding.

Vulnerability Number

V-234087

Documentable

False

Rule Version

TANS-SV-000015

Severity Override Guidance

Note: This requirement only applies to Tanium implementations in production. If implementation being evaluated is in development, this requirement is Not Applicable.

Access the Tanium Server through interactive logon.

Drill to Program Files >> Tanium >> Tanium Server.

Open the "tanium.license" in Notepad and search for "allow_unsigned_import".

If "allow unsigned_import" is followed by ":true", this is a finding.

Check Content Reference

M

Target Key

5259

Comments