STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Tanium Computer Groups must be used to restrict console users from affecting changes to unauthorized computers.

DISA Rule

SV-234050r612749_rule

Vulnerability Number

V-234050

Group Title

SRG-APP-000033

Rule Version

TANS-CN-000004

Severity

CAT II

CCI(s)

• CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

10

Fix Recommendation

Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Computer Groups" tab.

Configure specific Computer Groups in order to facilitate the management of computers by authorized individuals for those computers.

Note: Tanium offers two ways to define computer groups. Refer to documentation for explanation found here: https://docs.tanium.com/platform_user/platform_user/console_computer_groups.html#Computer_Group_types.

Note: Active Directory Computer Groups may also be used to sync with Tanium Computer Groups as a means to satisfy this requirement.

Check Contents

Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Computer Groups" tab.

Under the "Name" column, verify specific groups exist other than the default "All Computers" and "No Computers".

If site or organization specific computer groups do not exist, this is a finding.

Vulnerability Number

V-234050

Documentable

False

Rule Version

TANS-CN-000004

Severity Override Guidance

Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Computer Groups" tab.

Under the "Name" column, verify specific groups exist other than the default "All Computers" and "No Computers".

If site or organization specific computer groups do not exist, this is a finding.

Check Content Reference

M

Target Key

5259

Comments