STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:

Tanium public keys of content providers must be validated against documented trusted content providers.

DISA Rule

SV-93371r1_rule

Vulnerability Number

V-78665

Group Title

SRG-APP-000015

Rule Version

TANS-SV-000005

Severity

CAT II

CCI(s)

• CCI-001453 - The information system implements cryptographic mechanisms to protect the integrity of remote access sessions.

Weight

10

Fix Recommendation

Access the Tanium Server interactively.

Log on with an account with administrative privileges to the server.

Open an Explorer window.

Navigate to the following folder: Program Files >> Tanium >> Tanium Server >> content_public_keys >> content folder.

If a public key, other than the default Tanium public key, resides in the content folder, use a hashing utility (e.g., TaniumFileInfo.exe) to determine the hash of the public key.

Document the owner, the name of the key, and the associated hash of the public key.

Check Contents

Note: If only using Tanium provided content and not accepting content from any other content providers, this is "Not Applicable".

Obtain documentation from the Tanium System Administrator that contains the public key validation data.

Access the Tanium Server interactively.

Log on with an account with administrative privileges to the server.

Open an Explorer window.

Navigate to the following folder: Program Files >> Tanium >> Tanium Server >> content_public_keys >> content folder.

Ensure the public keys listed in the content folder are documented.

If a public key, other than the default Tanium public key, resides in the content folder and is not documented, this is a finding.

Vulnerability Number

V-78665

Documentable

False

Rule Version

TANS-SV-000005

Severity Override Guidance

Note: If only using Tanium provided content and not accepting content from any other content providers, this is "Not Applicable".

Obtain documentation from the Tanium System Administrator that contains the public key validation data.

Access the Tanium Server interactively.

Log on with an account with administrative privileges to the server.

Open an Explorer window.

Navigate to the following folder: Program Files >> Tanium >> Tanium Server >> content_public_keys >> content folder.

Ensure the public keys listed in the content folder are documented.

If a public key, other than the default Tanium public key, resides in the content folder and is not documented, this is a finding.

Check Content Reference

M

Target Key

3215

Comments