UCF STIG Viewer Logo

McAfee VirusScan 8.8 Local Client STIG


Overview

Date Finding Count (87)
2018-07-09 CAT I (High): 3 CAT II (Med): 84 CAT III (Low): 0
STIG Description
The McAfee VirusScan 8.8 Local Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Classified)

Finding ID Severity Title
V-6453 High McAfee VirusScan On-Access Scanner General Settings must be configured to enable on-access scanning at system startup.
V-42549 High McAfee VirusScan Access Protection Rules must be configured to prevent McAfee services from being stopped.
V-19910 High The antivirus signature file age must not exceed 7 days.
V-14618 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to enable scanning of scripts.
V-14619 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to block the connection when a threatened file is detected in a shared folder.
V-6618 Medium McAfee VirusScan On-Demand scan must be configured to record scanning activity in a log file.
V-6469 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to notify local users when detections occur.
V-6468 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to scan floppy during shutdown.
V-6612 Medium McAfee VirusScan On-Demand scan must be configured to decode MIME encoded files.
V-6467 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to scan boot sectors.
V-6611 Medium McAfee VirusScan On-Demand scan must be configured to scan inside archives.
V-6616 Medium McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action.
V-6617 Medium McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to delete files automatically if first action fails.
V-6614 Medium McAfee VirusScan On-Demand scan must be configured to find unknown program threats.
V-6615 Medium McAfee VirusScan On-Demand scan must be configured to find unknown macro threats.
V-6588 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to find unknown macro threats.
V-6583 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to log any failure to scan encrypted files.
V-6586 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to enable on-delivery email scanning.
V-6587 Medium McAfee VirusScan On-Delivery Email Scanner must be configured to find unknown program threats and trojans.
V-6585 Medium McAfee VirusScan must be configured to receive DAT and Engine updates.
V-14663 Medium McAfee VirusScan Unwanted Programs Policy must be configured to detect adware.
V-14662 Medium McAfee VirusScan Unwanted Programs Policy must be configured to detect spyware.
V-14661 Medium McAfee VirusScan Buffer Overflow Protection Reports Settings log file size must be restricted, but be configured to at least 10MB.
V-14660 Medium McAfee VirusScan Buffer Overflow Protection Reports Settings must be configured to log buffer overflow protection scan activity.
V-42514 Medium McAfee VirusScan On Delivery Email Scanner Properties, when a threat is found, must be configured to delete attachments if the first action fails.
V-42515 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to delete attachments if the first action fails for when an unwanted attachment is found.
V-6601 Medium McAfee VirusScan On-Demand scan must be configured to scan boot sectors.
V-6600 Medium McAfee VirusScan On-Demand scan must be configured to scan all subfolders.
V-6602 Medium McAfee VirusScan On-Demand scan must be configured to scan all files.
V-6604 Medium McAfee VirusScan On-Demand scan must be configured so there are no exclusions from the scan unless exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-6599 Medium McAfee VirusScan On-Demand scan must be configured to scan all fixed, or local, disks and running processes.
V-6591 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to scan email message body.
V-6590 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to decode MIME encoded files.
V-6592 Medium McAfee VirusScan On Delivery Email Scanner Properties, When a threat is found, must be configured to clean attachments as the first action.
V-6597 Medium McAfee VirusScan On-Delivery Email Scanner log file size must be restricted and be configured to be at least 10MB.
V-6596 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to record scanning activity in a log file.
V-42563 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to not exclude any script processes from being scanned unless the process exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-42562 Medium McAfee VirusScan Access Protection Rules Anti-Virus Standard Protection must be set to prevent IRC communication.
V-42561 Medium McAfee VirusScan Access Protection Rules Anti-Virus Standard Protection must be set to prevent mass mailing worms from sending mail.
V-42560 Medium McAfee VirusScan Access Protection Rules Anti-Virus Standard Protection must be set to prevent remote creation of autorun files.
V-42567 Medium McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to delete files automatically if first action fails.
V-42566 Medium McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to clean files automatically as first action.
V-42565 Medium McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits.
V-42564 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to not exclude any files from being scanned unless exclusions have been documented with, but also be approved by the ISSO/ISSM/AO.
V-42569 Medium McAfee VirusScan On-Delivery Email Scanner Artemis sensitivity level must be configured to Medium or higher.
V-35027 Medium McAfee VirusScan On-Access Scanner General Settings Artemis Heuristic network check for suspicious files must be enabled and set to sensitivity level Medium or higher.
V-6620 Medium McAfee VirusScan On-Demand scan log file size must be restricted, but be configured to at least 10MB.
V-6627 Medium McAfee VirusScan On-Demand scan must be scheduled to be executed at least on a weekly basis.
V-6625 Medium McAfee VirusScan On-Demand scan must be configured to log any failure to scan encrypted files.
V-42570 Medium McAfee VirusScan On-Delivery Email Scanner must be configured to send a notification email to the IAO, IAM and/or ePO administrator when a threatening email message is detected.
V-42571 Medium McAfee VirusScan On-Delivery Email Scanner must be configured to log session summary and failure to scan encrypted files.
V-42572 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to not exclude any script URLs from being scanned unless the URL exclusions have been documented with, and approved by the ISSO/ISSM/DAA.
V-42573 Medium McAfee VirusScan Access Protection Properties must be configured to enable access protection.
V-42574 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to detect unwanted programs.
V-42575 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When an unwanted program is found must be configured to clean files automatically as first action.
V-42576 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When an unwanted program is found must be configured to delete files automatically if first action fails.
V-14627 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown macro viruses.
V-14626 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown unwanted programs and trojans.
V-14625 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan all files.
V-14624 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan when reading from disk.
V-14623 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan when writing to disk.
V-14622 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to use only one scanning policy for all processes, unless the use of Low-Risk Processes/High-Risk Processes has been documented with, and approved by, the IAO/IAM.
V-14621 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to block the connection when a file with a potentially unwanted program is detected in a shared folder.
V-14620 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to unblock connections after a minimum of 30 minutes.
V-14628 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan inside archive files.
V-42558 Medium McAfee VirusScan Access Protection Rules Common Maximum Protection must be set to detect and log the launching of files from the Downloaded Programs Files folder.
V-42559 Medium McAfee VirusScan Access Protection Rules Anti-Spyware Maximum Protection must be set to block and log execution of scripts from the Temp folder.
V-42552 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee files and settings.
V-42553 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee Common Management Agent files and settings.
V-42550 Medium McAfee VirusScan Access Protection Reports settings must be configured to record scanning activity in a log file.
V-42551 Medium McAfee VirusScan Access Protection Reports log file size must be restricted and be configured to at least 10MB.
V-42556 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to block and report when common programs are run from the Temp folder.
V-42557 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent hooking of McAfee processes.
V-42554 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee Scan Engine files and settings.
V-42555 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent termination of McAfee processes.
V-59365 Medium McAfee VirusScan Access Protection Rules Anti-spyware Maximum Protection must be set to block and report when block execution of all programs from temp folder.
V-14652 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to clean attachments as the first action for When an unwanted program is found.
V-14657 Medium McAfee VirusScan Buffer Overflow Protection Buffer Overflow Settings must be configured to enable Buffer Overflow Protection.
V-14654 Medium McAfee VirusScan On-Demand scan must be configured to detect for unwanted programs.
V-14658 Medium McAfee VirusScan Buffer Overflow Protection Buffer Overflow Settings must be configured for Protection mode.
V-14659 Medium McAfee VirusScan Buffer Overflow Protection Buffer Overflow Settings must be configured to display a dialog box when a buffer overflow is detected.
V-14630 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When a threat is found must be configured to clean files automatically as first action.
V-14631 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When a threat is found must be configured to delete files automatically if first action fails.
V-6478 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to log the session summary.
V-6474 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to log the scan sessions.
V-6475 Medium McAfee VirusScan On-Access Scanner General Settings log file size must be restricted and be configured to at least 10MB.
V-6470 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to prevent users from removing messages from the list.