STIGQter STIGQter: STIG Summary: McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Jul 2018:

The McAfee MOVE AV Options Policy must be configured with the location of quarantine to ensure consistency across all systems.

DISA Rule

SV-93265r2_rule

Vulnerability Number

V-78559

Group Title

MV45-OPT-000001

Rule Version

MV45-OPT-000001

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Under "Quarantine Manager", configure the Quarantine Directory to <SYSTEM_DRIVE>\Quarantine, or another location authorized by the ISSM.

Click "Save".

Check Contents

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Under "Quarantine Manager", verify the Quarantine Directory is set to <SYSTEM_DRIVE>\Quarantine or another location authorized by the ISSM.

If the Quarantine Directory is not set to <SYSTEM_DRIVE>\Quarantine, or another location authorized by the ISSM, this is a finding.".

Vulnerability Number

V-78559

Documentable

False

Rule Version

MV45-OPT-000001

Severity Override Guidance

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Under "Quarantine Manager", verify the Quarantine Directory is set to <SYSTEM_DRIVE>\Quarantine or another location authorized by the ISSM.

If the Quarantine Directory is not set to <SYSTEM_DRIVE>\Quarantine, or another location authorized by the ISSM, this is a finding.".

Check Content Reference

M

Target Key

3233

Comments