STIGQter: STIG Summary: McAfee Application Control 8.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Solidcore client Command Line Interface (CLI) must be in lockdown mode.

DISA Rule

SV-213327r506897_rule

Vulnerability Number

V-213327

Group Title

SRG-APP-000383

Rule Version

MCAC-TE-000101

Severity

CAT I

CCI(s)

• CCI-001762 - The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure.

Weight

10

Fix Recommendation

From the ePO server console System Tree, select the "Systems" tab.

Select "This Group and All Subgroups".
Select the asset.
Select "Actions".
Select "Agent".
Click "Actions".
Select "New Client Task Assignment" to open the Client Task Assignment Builder page.

Select the "Solidcore 8.x product", "SC: Change Local CLI Access" task type, then click "Create New Task" to open the Client Task Catalog page.

Change "CLI status" to "Restrict".

Click "Save".

Check Contents

Determine CLI status.

Access the system being reviewed. From an operating system command line, execute the following command:

sadmin status <enter>

If the status for CLI is "Allowed" or "Recovered", this is a finding.

Vulnerability Number

V-213327

Documentable

False

Rule Version

MCAC-TE-000101

Severity Override Guidance

Determine CLI status.

Access the system being reviewed. From an operating system command line, execute the following command:

sadmin status <enter>

If the status for CLI is "Allowed" or "Recovered", this is a finding.

Check Content Reference

M

Target Key

3982

Comments