STIGQter STIGQter: STIG Summary: McAfee VSEL 1.9/2.0 Managed Client Security Technical Implementation Guide

Version: 1

Release: 4 Benchmark Date: 26 Apr 2019

CheckedNameTitle
SV-77283r1_ruleThe anti-virus signature file age must not exceed 7 days.
SV-77487r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates.
SV-77489r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to enable On-Access scanning.
SV-77491r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.
SV-77493r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses.
SV-77495r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown macro viruses.
SV-77497r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.
SV-77499r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk.
SV-77501r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being read from disk.
SV-77503r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan all file types.
SV-77505r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds.
SV-77507r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.
SV-77509r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected.
SV-77511r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected.
SV-77513r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when programs and jokes are found.
SV-77515r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found.
SV-77517r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to deny access to the file if scanning fails.
SV-77519r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to allow access to files if scanning times out.
SV-77521r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.
SV-77523r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week.
SV-77525r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decompress archives when scanning.
SV-77527r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.
SV-77529r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown macro viruses.
SV-77531r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find potentially unwanted programs.
SV-77533r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to scan all file types.
SV-77535r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected.
SV-77537r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected.
SV-77539r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.
SV-77541r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be disabled.
SV-77543r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when programs and jokes are found.
SV-77545r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found.
SV-77547r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decode MIME encoded files.
SV-77549r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to include all local drives and their sub-directories.
SV-77551r3_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scan must be configured to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.
SV-77553r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must scan all media used for system maintenance prior to use.
SV-77555r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive all patches, service packs and updates from a DoD-managed source.
SV-77557r1_ruleThe nails user and nailsgroup group must be restricted to the least privilege access required for the intended role.
SV-77559r2_ruleA notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes.