STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Tanium Server files must be protected from file encryption actions.

DISA Rule

SV-234109r612749_rule

Vulnerability Number

V-234109

Group Title

SRG-APP-000516

Rule Version

TANS-SV-000043

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Implement excluding policies within the file-level encryption software solution to exclude encryption of the Tanium Server program files.

Check Contents

Consult with the Tanium System Administrator to determine the file-level encryption software used on the Tanium Server.

Review the settings for the file-level encryption software.

Validate exclusions exist which exclude the Tanium program files from being encrypted by the file-level encryption software.

If exclusions do not exist, this is a finding.

Vulnerability Number

V-234109

Documentable

False

Rule Version

TANS-SV-000043

Severity Override Guidance

Consult with the Tanium System Administrator to determine the file-level encryption software used on the Tanium Server.

Review the settings for the file-level encryption software.

Validate exclusions exist which exclude the Tanium program files from being encrypted by the file-level encryption software.

If exclusions do not exist, this is a finding.

Check Content Reference

M

Target Key

5259

Comments