STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021

The Ubuntu operating system must deploy Endpoint Security for Linux Threat Prevention (ENSLTP).

DISA Rule

SV-238336r654183_rule

Vulnerability Number

V-238336

Group Title

SRG-OS-000191-GPOS-00080

Rule Version

UBTU-20-010415

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

The Ubuntu operating system is not compliant with this requirement; however, the severity level can be mitigated to a CAT III if the ENSLTP module is installed and running.

Configure the Ubuntu operating system to use ENSLTP.

Install the "mfetp" package:

# sudo apt-get install mfetp

Check Contents

The Ubuntu operating system is not compliant with this requirement; hence, it is a finding. However, the severity level can be mitigated to a CAT III if the ENSLTP module is installed and running.

Check that the "mfetp" package has been installed:

# dpkg -l | grep mfetp

If the "mfetp" package is not installed, this finding will remain as a CAT II.

Check that the daemon is running:

# /opt/McAfee/ens/tp/init/mfetpd-control.sh status

If the daemon is not running, this finding will remain as a CAT II.
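The two checks above can be scripted. The following is an added example, not part of the STIG text. The function names (pkg_installed, classify, check_host) are hypothetical, and it assumes the control script's "status" action exits 0 when the daemon is running. It reads the package state from dpkg-query rather than from "dpkg -l | grep mfetp", because the grep also matches a package that was removed but left its configuration files behind.

```shell
#!/bin/sh
# Added example: automates the two checks for V-238336 / UBTU-20-010415.
# Assumption: "mfetpd-control.sh status" exits 0 when the daemon is running.

CONTROL=/opt/McAfee/ens/tp/init/mfetpd-control.sh   # path from the check text

# pkg_installed STATUS
# STATUS is dpkg-query's ${Status} field. Only "install ok installed" counts.
# "deinstall ok config-files" (shown as "rc" by dpkg -l) still matches
# "dpkg -l | grep mfetp" even though the package has been removed.
pkg_installed() {
    [ "$1" = "install ok installed" ]
}

# classify STATUS DAEMON_RC
# Prints the resulting category and the reason, following the check text.
classify() {
    if ! pkg_installed "$1"; then
        echo "CAT II: mfetp package not installed"
    elif [ "$2" -ne 0 ]; then
        echo "CAT II: mfetp daemon not running"
    else
        echo "CAT III: mfetp installed and daemon running"
    fi
}

# check_host: gather the live state of this host and classify it.
check_host() {
    status=$(dpkg-query -W -f='${Status}' mfetp 2>/dev/null) || status="not-installed"
    if [ -x "$CONTROL" ]; then
        "$CONTROL" status >/dev/null 2>&1
        rc=$?
    else
        rc=127   # control script missing or not executable
    fi
    classify "$status" "$rc"
}

# Run against the local host only when asked to: sh script.sh --check
if [ "${1:-}" = "--check" ]; then
    check_host
fi
```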

Documentable

False

Severity Override Guidance

The Ubuntu operating system is not compliant with this requirement; hence, it is a finding. However, the severity level can be mitigated to a CAT III if the ENSLTP module is installed and running.

Check that the "mfetp" package has been installed:

# dpkg -l | grep mfetp

If the "mfetp" package is not installed, this finding will remain as a CAT II.

Check that the daemon is running:

# /opt/McAfee/ens/tp/init/mfetpd-control.sh status

If the daemon is not running, this finding will remain as a CAT II.

Check Content Reference

M

Target Key

5318
