STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:

Documentation identifying Tanium console users and their respective User Roles must be maintained.

DISA Rule

SV-93313r1_rule

Vulnerability Number

V-78607

Group Title

SRG-APP-000033

Rule Version

TANS-CN-000005

Severity

CAT II

CCI(s)

• CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

10

Fix Recommendation

Prepare and maintain documentation identifying the Tanium console users and their respective User Roles and AD security groups.

Check Contents

Consult with the Tanium System Administrator to review the documented list of Tanium users. The users' respective, approved roles, as well as the correlated Active Directory security group for the User Roles, must be documented.

If the site does not have the Tanium users and their respective, approved roles and AD security groups documented, this is a finding.

Vulnerability Number

V-78607

Documentable

False

Rule Version

TANS-CN-000005

Severity Override Guidance

Consult with the Tanium System Administrator to review the documented list of Tanium users. The users' respective, approved roles, as well as the correlated Active Directory security group for the User Roles, must be documented.

If the site does not have the Tanium users and their respective, approved roles and AD security groups documented, this is a finding.

Check Content Reference

M

Target Key

3215

Comments