STIGQter: STIG Summary: McAfee Application Control 8.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The use of a Solidcore 8.x local Command Line Interface (CLI) Access Password must be documented in the organizations written policy.

DISA Rule

SV-213317r506897_rule

Vulnerability Number

V-213317

Group Title

SRG-APP-000165

Rule Version

MCAC-PO-000101

Severity

CAT II

CCI(s)

• CCI-000200 - The information system prohibits password reuse for the organization-defined number of generations.

Weight

10

Fix Recommendation

Follow the formal change and acceptance process to update the organization's written policy with the use of the CLI.

Check Contents

Note: The CLI Access is in lockdown mode by default when being managed by ePO. Since the CLI Access can be recovered for troubleshooting, this requirement needs to be met.

Consult with the ISSO/ISSM to obtain a copy of the organization's documented policy for application whitelisting.

Review the written policy for how and when the Solidcore CLI is used by the organization.

If the use of the CLI is not documented in the organization's written policy, this is a finding.

Vulnerability Number

V-213317

Documentable

False

Rule Version

MCAC-PO-000101

Severity Override Guidance

Note: The CLI Access is in lockdown mode by default when being managed by ePO. Since the CLI Access can be recovered for troubleshooting, this requirement needs to be met.

Consult with the ISSO/ISSM to obtain a copy of the organization's documented policy for application whitelisting.

Review the written policy for how and when the Solidcore CLI is used by the organization.

If the use of the CLI is not documented in the organization's written policy, this is a finding.

Check Content Reference

M

Target Key

3982

Comments