STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Tanium Server certificate must be signed by a DoD Certificate Authority.

DISA Rule

SV-234106r612749_rule

Vulnerability Number

V-234106

Group Title

SRG-APP-000427

Rule Version

TANS-SV-000036

Severity

CAT II

CCI(s)

• CCI-002470 - The information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions.

Weight

10

Fix Recommendation

Request or regenerate the certificate from a DoD Root Certificate Authority.

Check Contents

Using a web browser on a system, which has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

When connected, review the Certificate for the Tanium Server:

In Internet Explorer, right-click on the page.

Select "Properties".

Click on the "Certificates" tab.

On the "General" tab, validate the Certificate shows as issued by a DOD Root CA.

On Certification "Path" tab, validate the path top-level is a DoD Root CA.

If the certificate authority is not DoD Root CA, this is a finding.

Vulnerability Number

V-234106

Documentable

False

Rule Version

TANS-SV-000036

Severity Override Guidance

Using a web browser on a system, which has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

When connected, review the Certificate for the Tanium Server:

In Internet Explorer, right-click on the page.

Select "Properties".

Click on the "Certificates" tab.

On the "General" tab, validate the Certificate shows as issued by a DOD Root CA.

On Certification "Path" tab, validate the path top-level is a DoD Root CA.

If the certificate authority is not DoD Root CA, this is a finding.

Check Content Reference

M

Target Key

5259

Comments