STIGQter STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018: McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee Common Management Agent files and settings.

DISA Rule

SV-55281r2_rule

Vulnerability Number

V-42553

Group Title

DTAM142 - Access Protection preventing modification of McAfee CMA

Rule Version

DTAM142

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
Under the Task column, select Access Protection, right-click, and select Properties.

Under the Access Protection tab, locate the "Access protection rules:" label. In the "Categories" box, select "Common Standard Protection". Select "Prevent modification of McAfee Common Management Agent files and settings" (Block and Report) options.

Click OK to Save.

Check Contents

Note: If the HIPS signature 3899 is enabled to provide this same protection, this check is not applicable.

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
Under the Task column, select Access Protection, right-click, and select Properties.

Under the Access Protection tab, locate the "Access protection rules:" label.
In the "Categories" box, select "Common Standard Protection".
Ensure "Prevent modification of McAfee Common Management Agent files and settings" (Block and Report) options are selected.

Criteria: If "Prevent modification of McAfee Common Management Agent files and settings" (Block and Report) options are both selected, this is not a finding.

Vulnerability Number

V-42553

Documentable

False

Rule Version

DTAM142

Severity Override Guidance

Note: If the HIPS signature 3899 is enabled to provide this same protection, this check is not applicable.

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
Under the Task column, select Access Protection, right-click, and select Properties.

Under the Access Protection tab, locate the "Access protection rules:" label.
In the "Categories" box, select "Common Standard Protection".
Ensure "Prevent modification of McAfee Common Management Agent files and settings" (Block and Report) options are selected.

Criteria: If "Prevent modification of McAfee Common Management Agent files and settings" (Block and Report) options are both selected, this is not a finding.

Check Content Reference

M

Target Key

605

Comments