UCF STIG Viewer Logo

McAfee MOVE 2.6/3.6.1 Multi-Platform Client STIG


Overview

Date Finding Count (23)
2016-04-05 CAT I (High): 2 CAT II (Med): 21 CAT III (Low): 0
STIG Description
The McAfee MOVE 2.6/3.6.1 Multi-Platform Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Public)

Finding ID Severity Title
V-42954 High The self-protection feature of the McAfee MOVE AV [Multi-Platform] Client, designed to prevent malicious attacks on McAfee MOVE AV Multi-Platform software components, must be enabled.
V-42936 High The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to enable malware protection.
V-42939 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured with the IP address of the secondary Offload Scan Server used by all virtual machines using this policy.
V-42958 Medium If the McAfee MOVE AV [Multi-Platform] Client General policy is configured with process exclusions, those exclusions must be formally documented and approved by the ISSO/ISSM.
V-42956 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured with the listening port of the primary Offload Scan Server used by all virtual machines using this policy.
V-42957 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured with the listening port of the secondary Offload Scan Server used by all virtual machines using this policy.
V-42933 Medium All other antivirus products must be removed from the virtual machine while the McAfee AV Client is running.
V-42952 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured with the location of SYSTEM_DRIVE\quarantine to ensure consistency across all systems.
V-42935 Medium The McAfee MOVE AV [Multi-Platform] Client policies must be configured with, and managed by, the HBSS ePO server.
V-42937 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured with the IP address of the primary Offload Scan Server used by all virtual machines using this policy.
V-42955 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to deny access to files if first action fails.
V-42953 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to automatically delete quarantined data after a time period of no more than 28 days.
V-42950 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to delete files automatically as first action.
V-42951 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to enable the quarantine.
V-42940 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured with a scan timeout of 180 seconds or more.
V-42943 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to expire cached scan results after a time period of no more than 24 hours.
V-42942 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to cache scan results for files smaller than 40MB.
V-42945 Medium The McAfee MOVE AV [Multi-Platform] General policy must be configured to scan when reading from disk.
V-42944 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to scan when writing to disk.
V-42947 Medium If the McAfee MOVE AV [Multi-Platform] Client General policy is configured with path or file exclusions, those exclusions must be formally documented and approved by the ISSO/ISSM.
V-42946 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to scan all file types.
V-42949 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to send malware detection events to the HBSS ePO server.
V-42948 Medium The McAfee MOVE AV [Multi-Platform] Client General policy must be configured to report malware detections to the client event log.