UCF STIG Viewer Logo

McAfee MOVE Agentless 3.0/3.6.1 Security Virtual Appliance STIG


Overview

Date Finding Count (26)
2016-04-05 CAT I (High): 3 CAT II (Med): 23 CAT III (Low): 0
STIG Description
The McAfee MOVE 3.0/3.6.1 Agentless SVA STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-44931 High The McAfee MOVE AV Agentless Scan policy must be configured to enable On-Access scanning.
V-49679 High The McAfee MOVE AV Agentless SVAadmin account password must be changed from the default.
V-43788 High The Virtual Machine must have VMware vShield Endpoint thin client installed and shown as protected in the vShield Manager.
V-44993 Medium The McAfee MOVE AV Agentless Scan policy must be configured to scan inside archives.
V-48855 Medium The McAfee MOVE AV Agentless Scan policy must be configured to find unknown macro threats.
V-48857 Medium The McAfee MOVE AV Agentless Scan policy for Heuristics must be configured to find unknown unwanted programs and Trojans.
V-48853 Medium The McAfee MOVE AV Agentless Scan policy must be configured to decode MIME encoded files.
V-43960 Medium The McAfee MOVE AV Agentless SVA Scan Settings policy must be configured with the SVA cache enabled.
V-43961 Medium The McAfee MOVE AV Agentless SVA Scan Settings policy must be configured to cache scan results for files up to a file size of 1 MB.
V-43962 Medium The McAfee MOVE AV Agentless SVA Scan Settings policy for On-Demand Client Scan time interval must be set to no more than every 7 days.
V-44935 Medium The McAfee MOVE AV Agentless Scan policy must be configured to enable On-Demand scanning.
V-48859 Medium The McAfee MOVE AV Agentless Scan policy must be configured to use McAfee Global Threat Intelligence file reputation set to a sensitivity level of Medium or higher.
V-48873 Medium The McAfee MOVE AV Agentless Scan policy must be configured to enable the quarantine.
V-48871 Medium When a threat is found by the McAfee MOVE AV Agentless On-Demand Scan, the Scan policy must be configured to notify only if first action fails.
V-44969 Medium The McAfee MOVE AV Agentless Scan policy must be configured to scan files when opened.
V-48867 Medium When a threat is found by the McAfee MOVE AV Agentless On-Access Scan, the Scan policy must be configured to deny access to files if first action fails.
V-43957 Medium The McAfee MOVE AV Agentless SVA policy must be configured with, and managed by, the HBSS ePO server.
V-43959 Medium The McAfee MOVE AV Agentless SVA Authentication policy must be configured to authenticate to the Hypervisor/vCenter server with user name and password.
V-43958 Medium The McAfee MOVE AV Agentless SVA Authentication policy must be configured to communicate with the Hypervisor/vCenter server via HTTPS protocol.
V-48869 Medium When a threat is found by the McAfee MOVE AV Agentless On-Demand Scan, the Scan policy must be configured to delete files automatically as first action.
V-44973 Medium The McAfee MOVE AV Agentless Scan policy must be configured to scan all file types.
V-44933 Medium The McAfee MOVE AV Agentless Scan policy must be configured to enforce a maximum On-Access Scan timeout of no less than 45 seconds.
V-48863 Medium For any path or file exclusions configured in the McAfee MOVE AV Agentless Scan policy, those exclusions must be formally documented by the System Administrator and approved by the IAO/IAM.
V-48865 Medium When a threat is found by the McAfee MOVE AV Agentless On-Access Scan, the Scan policy must be configured to delete files automatically as first action.
V-44979 Medium The McAfee MOVE AV Agentless Scan policy must be configured to scan files when closed.
V-48861 Medium The McAfee MOVE AV Agentless Scan policy must be configured to detect unwanted programs.