STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Tanium web server must be tuned to handle the operational requirements of the hosted application.

DISA Rule

SV-234129r612749_rule

Vulnerability Number

V-234129

Group Title

SRG-APP-000435

Rule Version

TANS-SV-000069

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

Obtain the vendor tuning documentation for the deployment.

Include it in the system's documentation as proof of tuning.

Check Contents

As part of any Tanium install, Tanium has a tuning process that takes into account customer-provided inputs on the size of the deployment as well as characteristics of the network.

Obtain from Tanium the document that states the tuning settings for the particular installation.

If the organization cannot provide a server-tuning document from the vendor, this is a finding.

Vulnerability Number

V-234129

Documentable

False

Rule Version

TANS-SV-000069

Severity Override Guidance

As part of any Tanium install, Tanium has a tuning process that takes into account customer-provided inputs on the size of the deployment as well as characteristics of the network.

Obtain from Tanium the document that states the tuning settings for the particular installation.

If the organization cannot provide a server-tuning document from the vendor, this is a finding.

Check Content Reference

M

Target Key

5259

Comments