STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must provide automated mechanisms for supporting account management functions.

DISA Rule

SV-80397r1_rule

Vulnerability Number

V-65907

Group Title

SRG-APP-000023

Rule Version

TMDS-00-000015

Severity

CAT II

CCI(s)

• CCI-000015 - The organization employs automated mechanisms to support the information system account management functions.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to provide automated mechanisms for supporting account management functions.

Configure the user permissions according to their assigned roles within the organization.

Administration >> User Management >> Users >> Assign Role

Check Contents

Review the Trend Deep Security server configuration to ensure automated mechanisms for supporting account management functions are automated.

Interview the ISSO to determine a list of authorized users and their perspective roles supporting the application. Review the identified users within the following:

Administration >> User Management >> Users >> Assign Role

If the identified users do not match the roles assigned within the application this is a finding.

Vulnerability Number

V-65907

Documentable

False

Rule Version

TMDS-00-000015

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure automated mechanisms for supporting account management functions are automated.

Interview the ISSO to determine a list of authorized users and their perspective roles supporting the application. Review the identified users within the following:

Administration >> User Management >> Users >> Assign Role

If the identified users do not match the roles assigned within the application this is a finding.

Check Content Reference

M

Target Key

2955

Comments