Server check: From the Symantec Endpoint Protection Management Server, Symantec Endpoint Protection Management Console: Select Clients -> Under Clients -> Select the client to be checked -> Under the Policies tab, Settings -> Select General Settings -> Under the Tamper Protection tab -> Ensure "Protect Symantec security software from being tampered with or shut down" is selected.
Criteria: If "Protect Symantec security software from being tampered with or shut down" is not selected, this is a finding.
Client check: Locate the Symantec Endpoint Protection icon in the system tray. Double-click the icon to open the Symantec Endpoint Protection configuration screen. On the left hand side, select Change settings -> Under Client Management -> Select Configure Settings -> Under the Tamper Protection tab -> Ensure "Protect Symantec security software from being tampered with or shut down" is selected.
Criteria: If "Protect Symantec security software from being tampered with or shut down" is not selected, this is a finding. |