STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Tanium must implement organization-defined automated security responses if baseline configurations are changed in an unauthorized manner.

DISA Rule

SV-234032r612749_rule

Vulnerability Number

V-234032

Group Title

SRG-APP-000379

Rule Version

TANS-00-000655

Severity

CAT II

CCI(s)

CCI-001744 - The information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner.

Weight

Fix Recommendation

Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on the module "Integrity Monitor".

Click "Watchlist" from the left menu.

"Create a New Watchlist" in the upper right corner.

Add Name and Description of the new Watchlist.

Select "Path Style" that fits your enterprise needs.

Select "Create".

Click on the new Watchlist.

Select "Add Paths".

Add paths to be monitored (Work with your TAM to determine correct paths).

Click "Monitor" from the left menu.

"Create a New Monitor" in the upper right corner.

Add "Name"

Add "Description".

Add computers for the new Monitor along with Watchlist.

Click "Create".

Select "Deploy Monitors".

Check Contents

Vulnerability Number

V-234032

Documentable

False

Rule Version

TANS-00-000655

Severity Override Guidance

Check Content Reference

Target Key

5259

Tanium must implement organization-defined automated security responses if baseline configurations are changed in an unauthorized manner.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments