SV-61919r1_rule
V-49033
DTAVSEL-009-McAfee VSEL for SVA OAS scan when reading from disk
DTAVSEL-009
CAT II
10
From the ePO server console System Tree, select "My Organization". Select the "Systems" tab. To show all systems in the System Tree, select "This Group and All Subgroups" from the "Preset:" drop-down list. From the list of systems, locate the asset representing the McAfee MOVE Security Virtual Appliance (SVA). Click on the system to open the System Information page.
Click on Actions | Agent | Modify Policies on a Single System. From the "Product:" drop-down list, select "VirusScan Enterprise for Linux 1.9.0". From the "Policy" column, click on the policy for the "On-Access Scanning Policy".
In the "Detections" tab, next to "Scan files:", select the check box for "When reading from disk".
Click Save.
From the ePO server console System Tree, select "My Organization". Select the "Systems" tab. To show all systems in the System Tree, select "This Group and All Subgroups" from the "Preset:" drop-down list. From the list of systems, locate the asset representing the McAfee MOVE Security Virtual Appliance (SVA). Click on the system to open the System Information page.
Click on Actions | Agent | Modify Policies on a Single System. From the "Product:" drop-down list, select "VirusScan Enterprise for Linux 1.9.0". From the "Policy" column, click on the policy for the "On-Access Scanning Policy".
In the "Detections" tab, next to "Scan files:", verify the check box for "When reading from disk" is selected.
If the check box for "Scan files: When reading from disk" is not selected, this is a finding.
V-49033
False
DTAVSEL-009
From the ePO server console System Tree, select "My Organization". Select the "Systems" tab. To show all systems in the System Tree, select "This Group and All Subgroups" from the "Preset:" drop-down list. From the list of systems, locate the asset representing the McAfee MOVE Security Virtual Appliance (SVA). Click on the system to open the System Information page.
Click on Actions | Agent | Modify Policies on a Single System. From the "Product:" drop-down list, select "VirusScan Enterprise for Linux 1.9.0". From the "Policy" column, click on the policy for the "On-Access Scanning Policy".
In the "Detections" tab, next to "Scan files:", verify the check box for "When reading from disk" is selected.
If the check box for "Scan files: When reading from disk" is not selected, this is a finding.
M
System Administrator
2580