STIGQter STIGQter: STIG Summary: Tanium 6.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Oct 2016: Any configured EMAIL RESULTS connectors must be configured to enable TLS/SSL to encrypt communications.

DISA Rule

SV-81605r1_rule

Vulnerability Number

V-67115

Group Title

SRG-APP-000442

Rule Version

TANS-SV-000037

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC.

Click on "Administration".

Select the "Connect" tab.

Click on "Configured Connectors".

Select each "Email Results" connector which is configured with "Enable TLS/SSL" set to "false".

Click the "Edit" button at the top right of the screen.

Place a check in the "Enable TLS/SSL" check box.

Click on “Save Changes”.

Check Contents

Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC.

Click on "Administration".

Select the "Connect" tab.

Click on "Configured Connectors".

If no "Email Results" connectors are configured, this is Not Applicable.

For each "Email Results" connector, select the connector to reveal its properties.

Validate the "Enable TLS/SSL" is set to "true".

If any configured "Email Results" connectors are configured for "Enable TLS/SSL" set to "false", this is a finding.

Vulnerability Number

V-67115

Documentable

False

Rule Version

TANS-SV-000037

Severity Override Guidance

Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC.

Click on "Administration".

Select the "Connect" tab.

Click on "Configured Connectors".

If no "Email Results" connectors are configured, this is Not Applicable.

For each "Email Results" connector, select the connector to reveal its properties.

Validate the "Enable TLS/SSL" is set to "true".

If any configured "Email Results" connectors are configured for "Enable TLS/SSL" set to "false", this is a finding.

Check Content Reference

M

Target Key

2965

Comments