STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018:

McAfee VirusScan On-Delivery Email Scanner log file size must be restricted and be configured to be at least 10MB.

DISA Rule

SV-56393r2_rule

Vulnerability Number

V-6597

Group Title

DTAM036-McAfee VirusScan limit log size email

Rule Version

DTAM036

Severity

CAT II

CCI(s)

• CCI-000140 - The information system takes organization-defined actions upon audit failure (e.g., shut down information system, overwrite oldest audit records, stop generating audit records).

Weight

10

Fix Recommendation

Access the local VirusScan console by clicking Start >> All Programs >> McAfee >> VirusScan Console.
Under the Task column, select the On-Delivery Email Scanner Option, right-click, and select Properties.

Under the Reports tab, locate the "Log file" label.

Select the "Limit the size of log file" option. For the "Maximum log file size:" select a value of at least 10MB.

Click OK to Save.

Check Contents

Access the local VirusScan console by clicking Start >> All Programs >> McAfee >> VirusScan Console.
Under the Task column, select the On-Delivery Email Scanner Option, right-click, and select Properties.

Under the Reports tab, locate the "Log file size" label.

Criteria: If the "Limit the size of log file" is checked and the "Maximum log file size:" is at least 10MB, this is not a finding.

On the client machine, use the Windows Registry Editor to navigate to the following key:
HKLM\Software\McAfee\ (32-bit)
HKLM\Software\Wow6432Node\McAfee\ (64-bit)
SystemCore\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions

Criteria: If both the value of bLimitSize is 1 and the value of dwMaxLogSizeMB is at least decimal (10), this is not a finding.

Vulnerability Number

V-6597

Documentable

False

Rule Version

DTAM036

Severity Override Guidance

Access the local VirusScan console by clicking Start >> All Programs >> McAfee >> VirusScan Console.
Under the Task column, select the On-Delivery Email Scanner Option, right-click, and select Properties.

Under the Reports tab, locate the "Log file size" label.

Criteria: If the "Limit the size of log file" is checked and the "Maximum log file size:" is at least 10MB, this is not a finding.

On the client machine, use the Windows Registry Editor to navigate to the following key:
HKLM\Software\McAfee\ (32-bit)
HKLM\Software\Wow6432Node\McAfee\ (64-bit)
SystemCore\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions

Criteria: If both the value of bLimitSize is 1 and the value of dwMaxLogSizeMB is at least decimal (10), this is not a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

605

Comments