The configuration of features under McAfee Application Control Options policies Enforce feature control must be documented in the organizations written policy.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-74203 | MCAC-PO-000108 | SV-88877r1_rule | Medium |
| Description |
|---|
| By default, the McAfee Application Control prevents installation of ActiveX controls on endpoints, enforces memory protection techniques on endpoints, and prevents MSI-installers from running on endpoints. The Feature Control allows for those safeguards to be bypassed and in doing so renders the McAfee Application Control less effective. |
| STIG | Date |
|---|---|
| McAfee Application Control 7.x Security Technical Implementation Guide | 2018-01-03 |
Details
| Check Text ( C-74239r1_chk ) |
|---|
| Consult with the ISSO/ISSM to obtain a copy of the organization's documented policy for application whitelisting. Review the written policy for how the Solidcore client interface is used by the organization. Verify the written policy identifies whether additional features are enabled or not under "Enforce feature control" of the McAfee Application Control Options ePO policy. If the written policy does not identify whether additional features are enabled or not under "Enforce feature control" of the McAfee Application Control Options ePO policy, this is a finding. |
| Fix Text (F-80745r1_fix) |
|---|
| Follow the formal change and acceptance process to document any features needing to be enabled. |