STIGQter STIGQter: STIG Summary: McAfee MOVE Agentless 3.6.1 Security Virtual Appliance STIG

Version: 1

Release: 5 Benchmark Date: 28 Oct 2016

CheckedNameTitle
SV-56609r2_ruleThe Virtual Machine must have VMware vShield Endpoint thin client installed and shown as protected in the vShield Manager.
SV-56787r2_ruleThe McAfee MOVE AV Agentless SVA policy must be configured with, and managed by, the HBSS ePO server.
SV-56788r2_ruleThe McAfee MOVE AV Agentless SVA Authentication policy must be configured to communicate with the Hypervisor/vCenter server via HTTPS protocol.
SV-56789r2_ruleThe McAfee MOVE AV Agentless SVA Authentication policy must be configured to authenticate to the Hypervisor/vCenter server with user name and password.
SV-56790r2_ruleThe McAfee MOVE AV Agentless SVA Scan Settings policy must be configured with the SVA cache enabled.
SV-56791r2_ruleThe McAfee MOVE AV Agentless SVA Scan Settings policy must be configured to cache scan results for files up to a file size of 1 MB.
SV-56792r2_ruleThe McAfee MOVE AV Agentless SVA Scan Settings policy for On-Demand Client Scan time interval must be set to no more than every 7 days.
SV-57765r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to enable On-Access scanning.
SV-57767r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to enforce a maximum On-Access Scan timeout of no less than 45 seconds.
SV-57769r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to enable On-Demand scanning.
SV-57803r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to scan files when opened.
SV-57807r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to scan all file types.
SV-57813r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to scan files when closed.
SV-57827r3_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to scan inside archives.
SV-61731r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to decode MIME encoded files.
SV-61733r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to find unknown macro threats.
SV-61735r2_ruleThe McAfee MOVE AV Agentless Scan policy for Heuristics must be configured to find unknown unwanted programs and Trojans.
SV-61737r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to use McAfee Global Threat Intelligence file reputation set to a sensitivity level of Medium or higher.
SV-61739r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to detect unwanted programs.
SV-61741r2_ruleFor any path or file exclusions configured in the McAfee MOVE AV Agentless Scan policy, those exclusions must be formally documented by the System Administrator and approved by the IAO/IAM.
SV-61743r2_ruleWhen a threat is found by the McAfee MOVE AV Agentless On-Access Scan, the Scan policy must be configured to delete files automatically as first action.
SV-61745r2_ruleWhen a threat is found by the McAfee MOVE AV Agentless On-Access Scan, the Scan policy must be configured to deny access to files if first action fails.
SV-61747r2_ruleWhen a threat is found by the McAfee MOVE AV Agentless On-Demand Scan, the Scan policy must be configured to delete files automatically as first action.
SV-61749r2_ruleWhen a threat is found by the McAfee MOVE AV Agentless On-Demand Scan, the Scan policy must be configured to notify only if first action fails.
SV-61751r2_ruleThe McAfee MOVE AV Agentless Scan policy must be configured to enable the quarantine.
SV-62603r1_ruleThe McAfee MOVE AV Agentless SVAadmin account password must be changed from the default.