STIGQter STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Tanium application must set an absolute timeout for sessions.

DISA Rule

SV-234126r612749_rule

Vulnerability Number

V-234126

Group Title

SRG-APP-000295

Rule Version

TANS-SV-000066

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Using a web browser on a system that has connectivity to the Tanium application, access the Tanium application web UI and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Global Settings" tab.

Click on "New Setting".

In the "New System Setting" dialog box, enter "session_expiration_seconds" for "Setting Name:".

Enter "900" or less for "Setting Value:".

Select "Server" from the "Affects" drop-down list.

Select "Numeric" from the "Value Type" drop-down list.

Click "Save".

If "session_expiration_seconds" exists but is not "900" or less, select the box beside the value and click on "Edit".

Enter "900" or less for "Setting Value:".

Click "Save".

Check Contents

Using a web browser on a system that has connectivity to the Tanium application, access the Tanium application web user interface (UI) and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Global Settings" tab.

In the "Show Settings Containing:" search box, type "session_expiration_seconds".

Click "Enter".

If no results are returned, this is a finding.

If results are returned for "session_expiration_seconds", but the value is not "900" or less, this is a finding.

Vulnerability Number

V-234126

Documentable

False

Rule Version

TANS-SV-000066

Severity Override Guidance

Using a web browser on a system that has connectivity to the Tanium application, access the Tanium application web user interface (UI) and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Global Settings" tab.

In the "Show Settings Containing:" search box, type "session_expiration_seconds".

Click "Enter".

If no results are returned, this is a finding.

If results are returned for "session_expiration_seconds", but the value is not "900" or less, this is a finding.

Check Content Reference

M

Target Key

5259

Comments