STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:

The Bromium Enterprise Controller (BEC) must have Threat Intelligence lookup disabled.

DISA Rule

SV-95191r1_rule

Vulnerability Number

V-80483

Group Title

SRG-APP-000516

Rule Version

BROM-00-001315

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Modify the base policy to ensure that the Bromium Threat Intelligence service is disabled.

1. Using the management console, navigate to "Policies" and select the base policy.
2. Navigate to "Security".
3. Navigate to and disable the "Enable Bromium Threat Intelligence?" policy setting.

Check Contents

Review the base policy to ensure that the Bromium Threat Intelligence service is disabled.

1. Using the management console, navigate to "Policies" and select the base policy.
2. Navigate to "Security".
3. Navigate to and inspect the "Enable Bromium Threat Intelligence?" policy setting.

If the Bromium Threat Intelligence service is enabled, this is a finding.

Vulnerability Number

V-80483

Documentable

False

Rule Version

BROM-00-001315

Severity Override Guidance

Review the base policy to ensure that the Bromium Threat Intelligence service is disabled.

1. Using the management console, navigate to "Policies" and select the base policy.
2. Navigate to "Security".
3. Navigate to and inspect the "Enable Bromium Threat Intelligence?" policy setting.

If the Bromium Threat Intelligence service is enabled, this is a finding.

Check Content Reference

M

Target Key

3375

Comments