STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Tanium Server must protect the confidentiality and integrity of transmitted information, in preparation to be transmitted and data at rest, with cryptographic signing capabilities enabled to protect the authenticity of communications sessions when making requests from Tanium Clients.

DISA Rule

SV-234077r612749_rule

Vulnerability Number

V-234077

Group Title

SRG-APP-000429

Rule Version

TANS-SV-000001

Severity

CAT II

CCI(s)

• CCI-002476 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.
• CCI-002420 - The information system maintains the confidentiality and/or integrity of information during preparation for transmission.
• CCI-002421 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.

Weight

10

Fix Recommendation

Using a web browser on a system, which has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Global Settings" tab.

Click on "New Setting".

In "New System Setting" dialog window to the right, enter "ReportingTLSMode" for "Setting Name:".

Enter "2" for "Setting Value:".

Select "Client" from "Affects" drop-down list.

Select "Numeric" from "Value Type" drop-down list.

Click "Save".
Click on "New Setting".

In "New System Setting" dialog window to the right, enter "StateProtectedFlag" for "Setting Name:".

Enter "1" for "Setting Value:".

Select "Client" from "Affects" drop-down list.

Select "Numeric" from "Value Type" drop-down list.

Click "Save".

Check Contents

Using a web browser on a system, which has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Global Settings" tab.

In the "Show Settings Containing:" search box type "ReportingTLSMode". Enter.

If no results are returned, this is a finding.

In the "Show Settings Containing:" search box type "StateProtectedFlag". Enter.

If no results are returned or "StateProtectedFlag = 0", this is a finding.

If results are returned for "ReportingTLSMode" but the value is "0", this is a finding.

Vulnerability Number

V-234077

Documentable

False

Rule Version

TANS-SV-000001

Severity Override Guidance

Using a web browser on a system, which has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Global Settings" tab.

In the "Show Settings Containing:" search box type "ReportingTLSMode". Enter.

If no results are returned, this is a finding.

In the "Show Settings Containing:" search box type "StateProtectedFlag". Enter.

If no results are returned or "StateProtectedFlag = 0", this is a finding.

If results are returned for "ReportingTLSMode" but the value is "0", this is a finding.

Check Content Reference

M

Target Key

5259

Comments