Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-42610 | DTASEP002 | SV-55338r1_rule | Medium |
Description |
---|
When scanning for malware, excluding specific file types will increase the risk of a malware-infected file going undetected. By configuring antivirus software to scan all file types, the scanner has a higher success rate at detecting and eradicating malware. |
STIG | Date |
---|---|
Symantec Endpoint Protection 12.1 Managed Client Antivirus | 2015-07-08 |
Check Text ( C-48891r1_chk ) |
---|
On the client machine, locate the Symantec Endpoint Protection icon in the system tray. Double-click the icon to open the Symantec Endpoint Protection configuration screen -> Select "Change Settings" on the left side of the screen -> Select "Configure Settings" for Exceptions -> Ensure there are not any User-defined Exceptions listed that are not documented with, and approved by, the IAO/IAM. Criteria: If any User-defined Exceptions are listed, and not documented with, and approved by, the IAO/IAM, this is a finding. |
Fix Text (F-48192r1_fix) |
---|
On the client machine, locate the Symantec Endpoint Protection icon in the system tray. Double-click the icon to open the Symantec Endpoint Protection configuration screen -> Select the "Change Settings" on the left side of the screen -> Select "Configure Settings" for Exceptions. Remove any User-defined Exceptions that are not documented with, and approved by, the IAO/IAM. |