McAfee Application Control 8.x Security Technical Implementation Guide


Overview

Date: 2020-10-02
Finding Count (32): CAT I (High): 2, CAT II (Med): 30, CAT III (Low): 0

STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Findings (MAC II - Mission Support Public)

Finding ID Severity Title
V-213328 High The Solidcore client Command Line Interface (CLI) Access Password must be changed from the default.
V-213327 High The Solidcore client Command Line Interface (CLI) must be in lockdown mode.
V-213329 Medium The organization-specific Rules policy must only include executable and dll files that are associated with applications as allowed by the organization's written policy.
V-213320 Medium The requirement for scheduled Solidcore client Command Line Interface (CLI) Access Password changes must be documented in the organization's written policy.
V-213321 Medium The process by which the Solidcore client Command Line Interface (CLI) Access Password is made available to administrators when needed must be documented in the organization's written policy.
V-213322 Medium The McAfee Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be confined to the organization's enclave.
V-213323 Medium The configuration of features under McAfee Application Control Options policies Enforce feature control must be documented in the organization's written policy.
V-213324 Medium The organization's written policy must include a process for how whitelisted applications are deemed to be allowed.
V-213325 Medium The organization's written policy must include procedures for how often the whitelist of allowed applications is reviewed.
V-213326 Medium The Solidcore client must be enabled.
V-213319 Medium The Solidcore client Command Line Interface (CLI) Access Password protection process must be documented in the organization's written policy.
V-213332 Medium The McAfee Application Control Options Advanced Threat Defense (ATD) settings must not be enabled unless an internal ATD is maintained by the organization.
V-213339 Medium Enabled features under McAfee Application Control Options policies Enforce feature control must not be configured unless documented in written policy and approved by ISSO/ISSM.
V-213338 Medium The McAfee Application Control Options policies Enforce feature control memory protection must be enabled.
V-213317 Medium The use of a Solidcore 8.x local Command Line Interface (CLI) Access Password must be documented in the organization's written policy.
V-213316 Medium A McAfee Application Control written policy must be documented to outline the organization-specific variables for application whitelisting.
V-213333 Medium The McAfee Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to send all binaries with a reputation of Might be Trusted and below for analysis.
V-213318 Medium The Solidcore client Command Line Interface (CLI) Access password complexity requirements must be documented in the organization's written policy.
V-213331 Medium The McAfee Application Control Options Reputation-Based Execution settings, if enabled, must be configured to allow Most Likely Trusted or Known Trusted only.
V-213330 Medium The McAfee Application Control Options Reputation setting must be configured to use the McAfee Global Threat Intelligence (McAfee GTI) option.
V-213337 Medium The McAfee Application Control Options policy End User Notification, if configured by the organization, must have all default variables replaced with the organization-specific data.
V-213336 Medium The McAfee Application Control Options policy must be configured to disable Self-Approval.
V-213335 Medium Organization-specific McAfee Applications Control Options policies must be created and applied to all endpoints.
V-213334 Medium The McAfee Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to only send binaries with a size of 5 MB or less.
V-213342 Medium The McAfee Applications Default Rules policy must be part of the effective rules policy applied to every endpoint.
V-213343 Medium A copy of the McAfee Default Rules policy must be part of the effective rules policy applied to every endpoint.
V-213340 Medium The McAfee Application Control Options Inventory option must be configured to hide OS Files.
V-213341 Medium The McAfee Application Control Options Inventory interval option must be configured to pull inventory from endpoints on a regular basis not to exceed seven days.
V-213346 Medium The Throttling settings must be enabled and configured according to the organization's requirements.
V-213347 Medium The Solidcore Client Exception Rules must be documented in the organization's written policy.
V-213344 Medium The organization-specific Rules policies must be part of the effective rules policy applied to all endpoints.
V-213345 Medium The organization-specific Solidcore Client Policies must be created and applied to all endpoints.