STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must be configured to perform real-time malicious code protection scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

DISA Rule

SV-80435r1_rule

Vulnerability Number

V-65945

Group Title

SRG-APP-000278

Rule Version

TMDS-00-000215

Severity

CAT II

CCI(s)

• CCI-001242 - The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to perform real-time malicious code protection scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

To enable malicious code protection via the anti-malware, configure the following settings under the “Policies” tab.
Under “Policies” right clicking and selecting “Details.” Configure the following settings:

1. Under the Overview >> General tab, set "Anti-Malware" to “On”
2. Under the Anti-Malware >> General tab, set “Real-Time Scan” to “Default”. Click “OK” when finished.

Check Contents

Review the Trend Deep Security server to ensure real-time malicious code protection scans are performed on files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Verify the Anti-Malware, Real-Time Scan is enabled by reviewing the following settings under the “Policies” tab. Under “Policies” right click and select “Details” and choose “Anti-Malware.

Review the following settings: Anti-Malware State is set to “On” and the “Real-Time Scan” is set to “Default.”

If the two settings are not configured accordingly, this is a finding.

Vulnerability Number

V-65945

Documentable

False

Rule Version

TMDS-00-000215

Severity Override Guidance

Review the Trend Deep Security server to ensure real-time malicious code protection scans are performed on files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Verify the Anti-Malware, Real-Time Scan is enabled by reviewing the following settings under the “Policies” tab. Under “Policies” right click and select “Details” and choose “Anti-Malware.

Review the following settings: Anti-Malware State is set to “On” and the “Real-Time Scan” is set to “Default.”

If the two settings are not configured accordingly, this is a finding.

Check Content Reference

M

Target Key

2955

Comments