UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

McAfee VirusScan 8.8 Managed Client STIG


Overview

Date Finding Count (87)
2017-07-05 CAT I (High): 3 CAT II (Med): 84 CAT III (Low): 0
STIG Description
The McAfee VirusScan Managed Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Public)

Finding ID Severity Title
V-6453 High McAfee VirusScan On-Access General Policies must be configured to enable on-access scanning at system startup.
V-42516 High McAfee VirusScan Access Protection Policies must be configured to prevent McAfee services from being stopped.
V-19910 High The antivirus signature file age must not exceed 7 days.
V-14618 Medium McAfee VirusScan On-Access General Policies must be configured to enable scanning of scripts.
V-14619 Medium McAfee VirusScan On-Access General Policies must be configured to block the connection when a threatened file is detected in a shared folder.
V-6618 Medium McAfee VirusScan On-Demand scan must be configured to record scanning activity in a log file.
V-6469 Medium McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur.
V-6468 Medium McAfee VirusScan On-Access General Policies must be configured to scan floppy during shutdown.
V-6612 Medium McAfee VirusScan On-Demand scan must be configured to decode MIME encoded files.
V-6467 Medium McAfee VirusScan On-Access General Policies must be configured to scan boot sectors.
V-6611 Medium McAfee VirusScan On-Demand scan must be configured to scan inside archives.
V-6616 Medium McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action.
V-6617 Medium McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to delete files automatically if first action fails.
V-6614 Medium McAfee VirusScan On-Demand scan must be configured to find unknown program threats.
V-6615 Medium McAfee VirusScan On-Demand scan must be configured to find unknown macro threats.
V-6588 Medium McAfee VirusScan On Delivery Email Scan Policies must be configured to find unknown macro threats.
V-6583 Medium McAfee VirusScan On-Access General Policies must be configured to log any failure to scan encrypted files.
V-6586 Medium McAfee VirusScan On-Delivery Email Scan Policies must be configured to enable on-delivery email scanning.
V-6587 Medium McAfee VirusScan On-Delivery Email Scan Policies must be configured to find unknown program threats and Trojans.
V-6585 Medium McAfee VirusScan must be configured to receive DAT and Engine updates.
V-14663 Medium McAfee VirusScan Unwanted Programs Policies must be configured to detect adware.
V-14662 Medium McAfee VirusScan Unwanted Programs Policies must be configured to detect spyware.
V-14661 Medium McAfee VirusScan Buffer Overflow Protection Policies log file size must be restricted and be configured to at least 10MB.
V-14660 Medium McAfee VirusScan Buffer Overflow Protection Policies must be configured to record scanning activity in a log file.
V-42517 Medium McAfee VirusScan Access Protection Policies must be configured to record scanning activity in a log file.
V-6601 Medium McAfee VirusScan On-Demand scan must be configured to scan boot sectors.
V-6600 Medium McAfee VirusScan On-Demand scan must be configured to scan all subfolders.
V-6602 Medium McAfee VirusScan On-Demand scan must be configured to scan all files.
V-6604 Medium McAfee VirusScan On-Demand scan must be configured so there are no exclusions from the scan unless exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-42518 Medium McAfee VirusScan Access Protection log file size must be restricted and be configured to at least 10MB.
V-42519 Medium McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee files and settings.
V-6599 Medium McAfee VirusScan On-Demand scan must be configured to scan all fixed, or local, disks and running processes.
V-6591 Medium McAfee VirusScan On Delivery Email Scan Policies must be configured to scan email message body.
V-6590 Medium McAfee VirusScan On Delivery Email Scan Policies must be configured to decode MIME encoded files.
V-6592 Medium McAfee VirusScan On Delivery Email Scan Policies, when a threat is found, must be configured to clean attachments as the first action.
V-6597 Medium McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB.
V-6596 Medium McAfee VirusScan On-Delivery Email Scan Policies must be configured to record scanning activity in a log file.
V-59363 Medium McAfee VirusScan Access Protection Rules Anti-Spyware Maximum Protection must be set to block and report when common all programs are run from the Temp folder.
V-35027 Medium McAfee VirusScan On-Access General Policies Artemis sensitivity level must be configured to medium or higher.
V-6620 Medium McAfee VirusScan On-Demand scan log file size must be restricted and be configured to at least 10MB.
V-6627 Medium McAfee VirusScan On-Demand scan must be scheduled to be executed at least on a weekly basis.
V-6625 Medium McAfee VirusScan On-Demand scan must be configured to log any failure to scan encrypted files.
V-42500 Medium McAfee VirusScan On Delivery Email Scan Policies must be configured to delete attachments if the first action fails for when an unwanted program is found.
V-42541 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to detect unwanted programs.
V-42540 Medium McAfee VirusScan Access Protection Policies must be configured to enable access protection.
V-42543 Medium McAfee VirusScan On-Access Default Processes Policies actions, When an unwanted program is found must be configured to delete files automatically if first action fails.
V-42542 Medium McAfee VirusScan On-Access Default Processes Policies actions, When an unwanted program is found must be configured to clean files automatically as first action.
V-14627 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown macro viruses.
V-14626 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown unwanted programs and trojans.
V-14625 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to scan all files.
V-14624 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to scan when reading from disk.
V-14623 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to scan when writing to disk.
V-14622 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to use only one scanning policy for all processes, unless the use of Low-Risk Processes/High-Risk Processes has been documented with, and approved by, the IAO/IAM.
V-14621 Medium McAfee VirusScan On-Access General Policies must be configured to block the connection when a file with a potentially unwanted program is detected in a shared folder.
V-14620 Medium McAfee VirusScan On-Access General Policies must be configured to unblock connections after a minimum of 30 minutes.
V-14628 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to scan inside archives.
V-14652 Medium McAfee VirusScan On Delivery Email Scan Policies must be configured to clean attachments as the first action for when an unwanted program is found.
V-14657 Medium McAfee VirusScan Buffer Overflow Protection Policies must be configured to enable Buffer Overflow Protection.
V-14654 Medium McAfee VirusScan On-Demand scan must be configured to detect for unwanted programs.
V-42493 Medium McAfee VirusScan On Delivery Email Scan Policies, When a threat is found, must be configured to clean attachments as the first action and delete attachments if the first action fails.
V-14658 Medium McAfee VirusScan Buffer Overflow Protection Policies must be configured for Protection mode.
V-14659 Medium McAfee VirusScan Buffer Overflow Protection Policies must be configured to display a dialog box when a buffer overflow is detected.
V-14630 Medium McAfee VirusScan On-Access Default Processes Policies Actions for When a threat is found must be configured to clean files automatically as first action.
V-14631 Medium McAfee VirusScan On-Access Default Processes Policies actions for When a threat is found must be configured delete files automatically if first action fails.
V-42529 Medium McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent IRC communication.
V-42528 Medium McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent mass mailing worms from sending mail.
V-42527 Medium McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent remote creation of autorun files.
V-42526 Medium McAfee VirusScan Access Protection: Anti-Spyware Maximum Protection must be set to block and log execution of scripts from the Temp folder.
V-42525 Medium McAfee VirusScan Access Protection: Common Maximum Protection must be set to detect and log launching of files from the Downloaded Programs Files folder.
V-42524 Medium McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent hooking of McAfee processes.
V-42523 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to block and report when common programs are run from the Temp folder.
V-42522 Medium McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent termination of McAfee processes.
V-42521 Medium McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee Scan Engine files and settings.
V-42520 Medium McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee Common Management Agent files and settings.
V-6478 Medium McAfee VirusScan On-Access General Policies must be configured to log the session summary.
V-6474 Medium McAfee VirusScan On-Access General Policies must be configured to log the scan sessions.
V-6475 Medium McAfee VirusScan On-Access General Policies log file size must be restricted and be configured to at least 10MB.
V-6470 Medium McAfee VirusScan On-Access General Policies must be configured to prevent users from removing messages from the list.
V-42538 Medium McAfee VirusScan On-Delivery Email Scan Policies must be configured to log session summary and failure to scan encrypted files.
V-42539 Medium McAfee VirusScan On-Access General Policies must be configured to not exclude any URL scripts from being scanned unless the URL exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-42534 Medium McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to delete files automatically if first action fails.
V-42536 Medium McAfee VirusScan On-Delivery Email Scan Policies Artemis sensitivity level must be configured to medium or higher.
V-42537 Medium McAfee VirusScan On-Delivery Email Scan Policies must be configured to send a notification email to the IAO, IAM, and/or ePO administrator when a threatened email message is detected.
V-42530 Medium McAfee VirusScan On-Access General Policies must be configured to not exclude any script processes from being scanned unless the process exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-42531 Medium McAfee VirusScan On-Access Default Processes Policies must be configured to not exclude any files from being scanned unless exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-42532 Medium McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits.
V-42533 Medium McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to clean files automatically as first action.