STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Tanium application database must be dedicated to only the Tanium application.

DISA Rule

SV-234072r612749_rule

Vulnerability Number

V-234072

Group Title

SRG-APP-000323

Rule Version

TANS-DB-000002

Severity

CAT II

CCI(s)

• CCI-002346 - The organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.

Weight

10

Fix Recommendation

Move the Tanium database from the server hosting multiple databases for products other than Tanium or remove other product databases co-located with Tanium database(s).

Check Contents

With the Tanium System Administrator's assistance, access the server on which the Tanium database(s) is installed.

Review the Tanium database(s).

If databases related to products other than Tanium exist in the Tanium database, this is a finding.

Vulnerability Number

V-234072

Documentable

False

Rule Version

TANS-DB-000002

Severity Override Guidance

With the Tanium System Administrator's assistance, access the server on which the Tanium database(s) is installed.

Review the Tanium database(s).

If databases related to products other than Tanium exist in the Tanium database, this is a finding.

Check Content Reference

M

Target Key

5259

Comments