UCF STIG Viewer Logo

McAfee MOVE AV Agentless 4.5 Security Technical Implementation Guide


Overview

Date Finding Count (24)
2017-12-01 CAT I (High): 2 CAT II (Med): 22 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Sensitive)

Finding ID Severity Title
V-78463 High The McAfee MOVE AV On Access Scan policy must be configured to enable protection.
V-78461 High The admin password for the McAfee MOVE AV Agentless Security Virtual Machine (SVM) must be changed from the default.
V-78469 Medium The McAfee MOVE AV On Access Scan policy must be configured to scan files when reading from disk.
V-78501 Medium The McAfee MOVE AV SVM Settings policy must be configured to scan for Multipurpose Internet Mail Extensions (MIME)-encoded files.
V-78503 Medium The McAfee MOVE AV SVM Settings policy must be configured to use McAfee Global Threat Intelligence File Reputation with a sensitivity level of medium or higher.
V-78467 Medium The McAfee MOVE AV On Access Scan policy must be configured to scan files when writing to disk.
V-78505 Medium The McAfee MOVE AV SVM settings policy must be configured to communicate with the hypervisor/vCenter server via HTTPS protocol.
V-78465 Medium The McAfee MOVE AV On Access Scan policy must be configured to enforce a maximum On-Access Scan timeout of no less than 45 seconds.
V-78507 Medium The McAfee MOVE AV SVM settings policy must be configured to authenticate to the hypervisor/vCenter server with user name and password.
V-78497 Medium The McAfee MOVE AV SVM must be managed by the HBSS ePO server.
V-78495 Medium The McAfee MOVE AV SVM Settings policy ODS scheduler must be set to no more than every seven days.
V-78493 Medium The McAfee MOVE AV Options policy must specify the username and password for the quarantine network share.
V-78491 Medium The McAfee MOVE AV Options policy must specify the location of the quarantine network share.
V-78499 Medium The McAfee MOVE AV SVM Settings policy must be configured to scan for potentially unwanted programs.
V-78479 Medium The McAfee MOVE AV On Demand Scan policy must be configured to enforce a maximum time for each file scan of no less than 45 seconds.
V-78471 Medium The McAfee MOVE AV On Access Scan policy must be configured to scan all file types.
V-78473 Medium Path or file exclusions configured in the McAfee MOVE AV On Access Scan policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.
V-78475 Medium The McAfee MOVE AV On Access Scan policy must be configured to delete files automatically and quarantine as the first response of a threat detection.
V-78477 Medium The McAfee MOVE AV policy must be configured to enable On-Demand scanning.
V-78489 Medium The McAfee MOVE AV On-Demand Scan interval must be set to no more than every seven days.
V-78481 Medium The McAfee MOVE AntiVirus On Demand Scan policy must be configured to stop an on-demand scan after 150 minutes.
V-78483 Medium The McAfee MOVE AV On Demand Scan policy must be configured to delete files automatically and quarantine as the first response of a threat detection.
V-78485 Medium The McAfee MOVE AV On Demand Scan policy must be configured to scan all file types.
V-78487 Medium Path Exclusions configured in the McAfee MOVE AV On Demand Scan policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.