STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must configure malicious code protection mechanisms to perform periodic scans of the information system every seven (7) days.

DISA Rule

SV-80433r1_rule

Vulnerability Number

V-65943

Group Title

SRG-APP-000277

Rule Version

TMDS-00-000210

Severity

CAT II

CCI(s)

• CCI-001241 - The organization configures malicious code protection mechanisms to perform periodic scans of the information system on an organization-defined frequency.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server malicious code protection mechanisms to perform periodic scans of the information system every seven (7) days.

To enable malicious code protection via the anti-malware, configure the following settings under the “Policies” tab.
Under “Policies” right clicking and selecting “Details.” Configure the following settings:

1. Under the Overview >> General tab, set "Anti-Malware" to “On”
2. Under the Anti-Malware >> General tab, set “Real-Time Scan” to “Default”
3. Under the Anti-Malware >> General tab, set a weekly scan under “Scheduled” by selecting “New”. Name the scheduled scan “Weekly” and configure it for a select day and time of the week. Click “OK” when finished.

Check Contents

Review the Trend Deep Security server configuration to ensure malicious code protection mechanisms perform periodic scans of the information system every seven (7) days.

Analyze one of the custom policies under the “Policies” tab, by right clicking and selecting “Details.”
Verify the following settings are enabled:

1. Under the Overview >> General tab, "Anti-Malware" is set to “On”
2. Under the Anti-Malware >> General tab, “Real-Time Scan” is set to “Default”
3. Under the Anti-Malware >> General tab, a custom “Malware Scan Configuration” is enabled with a Schedule configured to no more than 7 days.

If "Anti-Malware" is set anything other than “On” this is a finding.

If “Malware Scan Configuration” is set to “No Configuration,” this is a finding.

Vulnerability Number

V-65943

Documentable

False

Rule Version

TMDS-00-000210

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure malicious code protection mechanisms perform periodic scans of the information system every seven (7) days.

Analyze one of the custom policies under the “Policies” tab, by right clicking and selecting “Details.”
Verify the following settings are enabled:

1. Under the Overview >> General tab, "Anti-Malware" is set to “On”
2. Under the Anti-Malware >> General tab, “Real-Time Scan” is set to “Default”
3. Under the Anti-Malware >> General tab, a custom “Malware Scan Configuration” is enabled with a Schedule configured to no more than 7 days.

If "Anti-Malware" is set anything other than “On” this is a finding.

If “Malware Scan Configuration” is set to “No Configuration,” this is a finding.

Check Content Reference

M

Target Key

2955

Comments