STIGQter STIGQter: STIG Summary: McAfee Application Control 8.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The McAfee Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be confined to the organizations enclave.

DISA Rule

SV-213322r506897_rule

Vulnerability Number

V-213322

Group Title

SRG-APP-000276

Rule Version

MCAC-PO-000106

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Relocate or reinstall the ATD being used by the organization to be confined to the organization's enclave.

Check Contents

If an ATD server is not being used in the environment, this is Not Applicable.

Consult with the ISSO/ISSM to review the written policy to ensure the usage of an ATD is documented.

If the usage of an ATD is not documented in the written policy, this is a finding.

Determine the location of the ATD being used by the organization and verify the ATD is confined to the organization's enclave.

If the location of the ATD being used by the organization cannot be determined and the ATD is not confined to the organization's enclave, this is a finding.

Vulnerability Number

V-213322

Documentable

False

Rule Version

MCAC-PO-000106

Severity Override Guidance

If an ATD server is not being used in the environment, this is Not Applicable.

Consult with the ISSO/ISSM to review the written policy to ensure the usage of an ATD is documented.

If the usage of an ATD is not documented in the written policy, this is a finding.

Determine the location of the ATD being used by the organization and verify the ATD is confined to the organization's enclave.

If the location of the ATD being used by the organization cannot be determined and the ATD is not confined to the organization's enclave, this is a finding.

Check Content Reference

M

Target Key

3982

Comments