Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-42981 | AV-MOVE-OSS-013 | SV-55710r1_rule | Medium |
Description |
---|
Anti-virus software is the most commonly used technical control for malware threat mitigation. Anti-virus software on hosts should be configured to scan all hard drives and folders regularly to identify any file system infections and to scan any removable media, if applicable, before media is inserted into the system. Not scheduling a regular scan of the hard drives of a system and/or not configuring the scan to scan all files and running processes introduces a higher risk of threats going undetected. |
STIG | Date |
---|---|
McAfee MOVE 2.6/3.6.1 Multi-Platform OSS STIG | 2016-04-05 |
Check Text ( C-49156r1_chk ) |
---|
From the ePO server console System Tree, select the Systems tab, find and click on the asset representing the McAfee MOVE Offload Scan Server to open its properties, select Actions, select Agent, and select Modify Policies on a Single System. From the product drop-down list, select MOVE AV [Multi-Platform] Offload Scan Server 2.x.x. Click on the MOVE AV [Multi-Platform] Offload Scan Server policy to open the properties. On the On-Demand Scan tab, ensure the "On-Demand Scanning:" setting has a check in the "Enabled" check box. If the "On-Demand Scanning:" setting does not have a check in the "Enabled" check box, this is a finding. |
Fix Text (F-48561r1_fix) |
---|
From the ePO server console System Tree, select the Systems tab, find and click on the asset representing the McAfee MOVE Offload Scan Server to open its properties, select Actions, select Agent, and select Modify Policies on a Single System. From the product drop-down list, select MOVE AV [Multi-Platform] Offload Scan Server 2.x.x. Click on the MOVE AV [Multi-Platform] Offload Scan Server policy to open the properties. On the On-Demand Scan tab, place a check in the "On-Demand Scanning: Enabled" check box. Click Save. |