STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018: STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018:SV-56401r2_rule
V-6604
DTAM050-McAfee VirusScan exclusions parameter
DTAM050
CAT II
10
Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
In the console window, under Task, with the assistance of the System Administrator, identify the weekly on-demand client scan task.
Right-click on the Task and select Properties.
Under the Exclusions tab, locate the "What not to scan:" label, remove any items.
Click OK to Save.
Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
In the console window, under Task, with the assistance of the System Administrator, identify the weekly on-demand client scan task.
Right-click the Task and select Properties.
Under the Exclusions tab, locate the "What not to scan:" label. Ensure that no items are listed in this area. If any items are listed, they must be documented with, and approved by, the local ISSO/ISSM/DAA.
Criteria: If no items are listed in the "What not to scan:" area, this is not a finding.
If excluded items exist, and they are documented with and approved by the ISSO/ISSM/DAA, this is not a finding.
If excluded items exist, and they are not documented with and approved by the ISSO/ISSM/DAA, this is a finding.
On the client machine, use the Windows Registry Editor to navigate to the following key:
HKLM\Software\McAfee\ (32-bit)
HKLM\Software\Wow6432Node\McAfee\ (64-bit)
DesktopProtection\Tasks
Under the DesktopProtection\Tasks, and with the assistance of the System Administrator, review each GUID key's szTaskName to find the GUID key associated with weekly on-demand client scan task.
Criteria: If, under the applicable GUID key, the NumExcludeItems has value of 0, this is not a finding.
If the NumExcludeItems has value other than 0, and they are documented with and approved by the ISSO/ISSM/DAA, this is not a finding.
If the NumExcludeItems has value other than 0, and they are not documented with and approved by the ISSO/ISSM/DAA, this is a finding.
V-6604
False
DTAM050
Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
In the console window, under Task, with the assistance of the System Administrator, identify the weekly on-demand client scan task.
Right-click the Task and select Properties.
Under the Exclusions tab, locate the "What not to scan:" label. Ensure that no items are listed in this area. If any items are listed, they must be documented with, and approved by, the local ISSO/ISSM/DAA.
Criteria: If no items are listed in the "What not to scan:" area, this is not a finding.
If excluded items exist, and they are documented with and approved by the ISSO/ISSM/DAA, this is not a finding.
If excluded items exist, and they are not documented with and approved by the ISSO/ISSM/DAA, this is a finding.
On the client machine, use the Windows Registry Editor to navigate to the following key:
HKLM\Software\McAfee\ (32-bit)
HKLM\Software\Wow6432Node\McAfee\ (64-bit)
DesktopProtection\Tasks
Under the DesktopProtection\Tasks, and with the assistance of the System Administrator, review each GUID key's szTaskName to find the GUID key associated with weekly on-demand client scan task.
Criteria: If, under the applicable GUID key, the NumExcludeItems has value of 0, this is not a finding.
If the NumExcludeItems has value other than 0, and they are documented with and approved by the ISSO/ISSM/DAA, this is not a finding.
If the NumExcludeItems has value other than 0, and they are not documented with and approved by the ISSO/ISSM/DAA, this is a finding.
M
System Administrator
605