STIGQter STIGQter: STIG Summary: McAfee MOVE AV Agentless 4.5 Security Technical Implementation Guide

Version: 1

Release: 1 Benchmark Date: 11 Dec 2017

CheckedNameTitle
SV-93167r1_ruleThe admin password for the McAfee MOVE AV Agentless Security Virtual Machine (SVM) must be changed from the default.
SV-93169r1_ruleThe McAfee MOVE AV On Access Scan policy must be configured to enable protection.
SV-93171r1_ruleThe McAfee MOVE AV On Access Scan policy must be configured to enforce a maximum On-Access Scan timeout of no less than 45 seconds.
SV-93173r1_ruleThe McAfee MOVE AV On Access Scan policy must be configured to scan files when writing to disk.
SV-93175r1_ruleThe McAfee MOVE AV On Access Scan policy must be configured to scan files when reading from disk.
SV-93177r1_ruleThe McAfee MOVE AV On Access Scan policy must be configured to scan all file types.
SV-93179r1_rulePath or file exclusions configured in the McAfee MOVE AV On Access Scan policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.
SV-93181r1_ruleThe McAfee MOVE AV On Access Scan policy must be configured to delete files automatically and quarantine as the first response of a threat detection.
SV-93183r1_ruleThe McAfee MOVE AV policy must be configured to enable On-Demand scanning.
SV-93185r1_ruleThe McAfee MOVE AV On Demand Scan policy must be configured to enforce a maximum time for each file scan of no less than 45 seconds.
SV-93187r1_ruleThe McAfee MOVE AntiVirus On Demand Scan policy must be configured to stop an on-demand scan after 150 minutes.
SV-93189r1_ruleThe McAfee MOVE AV On Demand Scan policy must be configured to delete files automatically and quarantine as the first response of a threat detection.
SV-93191r1_ruleThe McAfee MOVE AV On Demand Scan policy must be configured to scan all file types.
SV-93193r1_rulePath Exclusions configured in the McAfee MOVE AV On Demand Scan policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.
SV-93195r1_ruleThe McAfee MOVE AV On-Demand Scan interval must be set to no more than every seven days.
SV-93197r1_ruleThe McAfee MOVE AV Options policy must specify the location of the quarantine network share.
SV-93199r1_ruleThe McAfee MOVE AV Options policy must specify the username and password for the quarantine network share.
SV-93201r1_ruleThe McAfee MOVE AV SVM Settings policy ODS scheduler must be set to no more than every seven days.
SV-93203r1_ruleThe McAfee MOVE AV SVM must be managed by the HBSS ePO server.
SV-93205r1_ruleThe McAfee MOVE AV SVM Settings policy must be configured to scan for potentially unwanted programs.
SV-93207r1_ruleThe McAfee MOVE AV SVM Settings policy must be configured to scan for Multipurpose Internet Mail Extensions (MIME)-encoded files.
SV-93209r1_ruleThe McAfee MOVE AV SVM Settings policy must be configured to use McAfee Global Threat Intelligence File Reputation with a sensitivity level of medium or higher.
SV-93211r1_ruleThe McAfee MOVE AV SVM settings policy must be configured to communicate with the hypervisor/vCenter server via HTTPS protocol.
SV-93213r1_ruleThe McAfee MOVE AV SVM settings policy must be configured to authenticate to the hypervisor/vCenter server with user name and password.