STIGQter STIGQter: STIG Summary: McAfee Application Control 8.x Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Jul 2019: The organizations written policy must include procedures for how often the whitelist of allowed applications is reviewed.

DISA Rule

SV-88881r1_rule

Vulnerability Number

V-74207

Group Title

SRG-APP-000386

Rule Version

MCAC-PO-000110

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Follow the formal change and acceptance process to update the written policy to include a process for how often the application whitelist is reviewed.

Check Contents

Consult with the ISSO/ISSM to review the organizational-specific written policy for the McAfee Application Control software.

Verify the written policy includes a process for how often the application whitelist is reviewed.

If no written policy exists, this is a finding.

If written policy does not include a process for how often the application whitelist is reviewed, this is a finding.

Vulnerability Number

V-74207

Documentable

False

Rule Version

MCAC-PO-000110

Severity Override Guidance

Consult with the ISSO/ISSM to review the organizational-specific written policy for the McAfee Application Control software.

Verify the written policy includes a process for how often the application whitelist is reviewed.

If no written policy exists, this is a finding.

If written policy does not include a process for how often the application whitelist is reviewed, this is a finding.

Check Content Reference

M

Target Key

3143

Comments