STIGQter STIGQter: STIG Summary: Tanium 6.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Oct 2016: The permissions on the Tanium Server directory must be restricted to only the Tanium service account.

DISA Rule

SV-81581r1_rule

Vulnerability Number

V-67091

Group Title

SRG-APP-000328

Rule Version

TANS-SV-000024

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Access the Tanium Server interactively.

Log on with an account with administrative privileges to the server.

Open an Explorer window.

Navigate to the C:\Program Files\Tanium folder.

Right-click on the Tanium Server folder, select "Properties".

Select the “Security” tab, click on the “Advanced” button.

Disable folder inheritance.

Change the owner of the directory to the service account [Tanium service account].

Remove User permissions.

Give [Tanium service account] full permissions.

Check Contents

Access the Tanium Server interactively.

Log on with an account with administrative privileges to the server.

Open an Explorer window.

Navigate to the C:\Program Files\Tanium folder.

Right-click on the Tanium Server folder, select “Properties”.
Select the “Security” tab, click on the “Advanced” button.
Validate the owner of the Tanium Server folder is the service account [Tanium service account].
Validate the [Tanium service account] is the only account with full permissions to the Tanium Server folder.
Validate Users have no permissions to the Tanium Server folder.

If any account other than the [Tanium service account] has any full permission to the Tanium Server folder and/or the [Tanium service account] is not the owner of the Tanium Server folder, this is a finding.

Vulnerability Number

V-67091

Documentable

False

Rule Version

TANS-SV-000024

Severity Override Guidance

Access the Tanium Server interactively.

Log on with an account with administrative privileges to the server.

Open an Explorer window.

Navigate to the C:\Program Files\Tanium folder.

Right-click on the Tanium Server folder, select “Properties”.
Select the “Security” tab, click on the “Advanced” button.
Validate the owner of the Tanium Server folder is the service account [Tanium service account].
Validate the [Tanium service account] is the only account with full permissions to the Tanium Server folder.
Validate Users have no permissions to the Tanium Server folder.

If any account other than the [Tanium service account] has any full permission to the Tanium Server folder and/or the [Tanium service account] is not the owner of the Tanium Server folder, this is a finding.

Check Content Reference

M

Target Key

2965

Comments