McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide


Overview

Date: 2017-12-01
Finding Count (34): CAT I (High): 4, CAT II (Med): 30, CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.


Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-78515 High The McAfee MOVE AV Common Options policy must be configured to enable self-protection.
V-78523 High The McAfee VirusScan Enterprise Access Protection rules must be used for self-protection of the files and folder of the McAfee Security Virtual Manager (SVM).
V-78521 High The admin password for the McAfee MOVE AV Security Virtual Machine (SVM) must be changed from the default.
V-78525 High The McAfee MOVE AV On Access Scan Policy must be configured to enable protection.
V-78509 Medium The McAfee MOVE AV Common Options policy must be configured to report all events to the Windows Event Log.
V-78547 Medium The McAfee MOVE AV On Demand Scan policy must be explicitly configured to stop an on-demand scan after an organization-specific period.
V-78541 Medium The McAfee MOVE AV On Access Scan policy must be configured to delete files automatically and quarantine as the first response of a threat detection.
V-78543 Medium The McAfee MOVE AV On Demand Scan policy must be configured to enable on-demand scan.
V-78557 Medium The McAfee MOVE AV On-Demand Scan interval must be set to no more than every seven days.
V-78567 Medium The McAfee MOVE AV SVM must be managed by the HBSS ePO server.
V-78565 Medium The McAfee MOVE AV SVM must have McAfee VirusScan Enterprise installed.
V-78519 Medium The McAfee MOVE AV policies must be configured with and managed by the HBSS ePO server.
V-78561 Medium The McAfee MOVE AV Options Policy must be configured to automatically delete quarantined data after a time period of no more than 28 days.
V-78553 Medium The McAfee MOVE AV On Demand Scan policy must be configured to scan all file types.
V-78569 Medium The McAfee MOVE AV SVM must be configured with a static Internet Protocol (IP) address.
V-78535 Medium The McAfee MOVE AV On Access Scan Policy must be configured to scan all file types.
V-78537 Medium Path or file exclusions configured in McAfee MOVE AV On Access Scan Policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.
V-78531 Medium The McAfee MOVE AV On Access Scan Policy must be configured to scan when writing to disk.
V-78533 Medium The McAfee MOVE AV On Access Scan Policy must be configured to scan when reading from disk.
V-78545 Medium The McAfee MOVE AV On Demand Scan policy must be configured to enforce a maximum time for each file scan of no less than 45 seconds.
V-78539 Medium Process exclusions configured in McAfee MOVE AV On Access Scan Policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.
V-78571 Medium The McAfee MOVE AV SVM Settings policy must be configured to scan for potentially unwanted programs.
V-78555 Medium Path Exclusions configured in the McAfee MOVE AV On Demand Scan policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.
V-78575 Medium The McAfee MOVE AV SVM Settings policy must be configured to use McAfee Global Threat Intelligence file reputation with a sensitivity level of medium or higher.
V-78551 Medium The McAfee MOVE AV On Demand Scan policy must be configured to delete files automatically and quarantine as the first response of a threat detection.
V-78513 Medium The McAfee MOVE AV Common Options policy must be configured to not rotate log files until they reach at least 10 MB in size.
V-78511 Medium The McAfee MOVE AV Common Options policy must be configured to send all events to the HBSS ePO server.
V-78517 Medium All other anti-virus products must be removed from the virtual machine while the McAfee AV Client is running.
V-78549 Medium The McAfee MOVE AV On Demand Scan policy must be configured to cache scan results for files smaller than 40 MB.
V-78559 Medium The McAfee MOVE AV Options Policy must be configured with the location of quarantine to ensure consistency across all systems.
V-78573 Medium The McAfee MOVE AV SVM Settings policy must be configured to scan for Multipurpose Internet Mail Extensions (MIME)-encoded files.
V-78527 Medium The McAfee MOVE AV On Access Scan Policy must be configured with a scan timeout of 45 seconds or more.
V-78563 Medium The McAfee MOVE AV SVM Settings policy ODS scan interval must be set to no more than every seven days.
V-78529 Medium The McAfee MOVE AV On Access Scan Policy must be configured to cache scan results for files smaller than 40 MB.