The McAfee Application Control Options policy must be configured to disable Self-Approval.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-74233 | MCAC-TE-000110 | SV-88907r1_rule | Medium |
| Description |
|---|
| The McAfee Application Control Self-Approval feature allows the user to take an action when a user tries to run a new or unknown application. |
| STIG | Date |
|---|---|
| McAfee Application Control 7.x Security Technical Implementation Guide | 2018-01-03 |
Details
| Check Text ( C-74269r1_chk ) |
|---|
| From the ePO server console System Tree, select the "Systems" tab. Select "This Group and All Subgroups". Select the asset to be validated. Select "Actions". Select "Agent". Select "Modify Policies on a Single System". From the product pull-down list, select Solidcore 7.x: Application Control. From the "Policy" column, select the policy associated with the Category "Application Control Options (Windows)". On the "Self-Approval" tab, verify the "Enable Self-Approval" check box is not selected. If the "Enable Self-Approval" check box is selected, this is a finding. |
| Fix Text (F-80775r2_fix) |
|---|
| From the ePO server console System Tree, select the "Systems" tab. Select "This Group and All Subgroups". Select the asset. Select "Actions". Select "Agent". Select "Modify Policies on a Single System". From the product pull-down list, select Solidcore 7.x: Application Control. From the "Policy" column, select the policy associated with the Category "Application Control Options (Windows)". On the "Self-Approval" tab, de-select the "Enable Self-Approval" check box. Click "Save". |