STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Tanium public keys of content providers must be validated against documented trusted content providers.

DISA Rule

SV-234081r612749_rule

Vulnerability Number

V-234081

Group Title

SRG-APP-000015

Rule Version

TANS-SV-000005

Severity

CAT II

CCI(s)

• CCI-001453 - The information system implements cryptographic mechanisms to protect the integrity of remote access sessions.

Weight

10

Fix Recommendation

Access the Tanium Server interactively.

Log on to the server with an account that has administrative privileges.

Open an "Explorer" window.

Navigate to the following folder: Program Files >> Tanium >> Tanium Server >> content_public_keys >> content folder.

If a public key, other than the default Tanium public key, resides in the content folder, use a hashing utility (e.g., TaniumFileInfo.exe) to determine the hash of the public key.

Document the owner, the name of the key, and the associated hash of the public key.

Check Contents

Note: If only using Tanium provided content and not accepting content from any other content providers, this is Not Applicable.

Obtain documentation from the Tanium System Administrator that contains the public key validation data.

Access the Tanium Server interactively.

Log on to the server with an account that has administrative privileges.

Open an "Explorer" window.

Navigate to the following folder: Program Files >> Tanium >> Tanium Server >> content_public_keys >> content folder.

Ensure the public keys listed in the content folder are documented.

If a public key, other than the default Tanium public key, resides in the content folder and is not documented, this is a finding.

Vulnerability Number

V-234081

Documentable

False

Rule Version

TANS-SV-000005

Severity Override Guidance

Note: If only using Tanium provided content and not accepting content from any other content providers, this is Not Applicable.

Obtain documentation from the Tanium System Administrator that contains the public key validation data.

Access the Tanium Server interactively.

Log on to the server with an account that has administrative privileges.

Open an "Explorer" window.

Navigate to the following folder: Program Files >> Tanium >> Tanium Server >> content_public_keys >> content folder.

Ensure the public keys listed in the content folder are documented.

If a public key, other than the default Tanium public key, resides in the content folder and is not documented, this is a finding.

Check Content Reference

M

Target Key

5259

Comments