STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must use cryptographic mechanisms to protect the integrity of audit information.

DISA Rule

SV-80391r1_rule

Vulnerability Number

V-65901

Group Title

SRG-APP-000126

Rule Version

TMDS-00-000125

Severity

CAT I

CCI(s)

• CCI-001350 - The information system implements cryptographic mechanisms to protect the integrity of audit information.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to use cryptographic mechanisms to protect the integrity of audit information.

Enabled encryption for report generation.
Go to Administration >> User Management >> Users >> Right-click an administrative user account and select "Properties".
Within the "Settings" tab select "Enable PDF Encryption" and enter a password.

Check Contents

Review the Trend Deep Security server configuration to ensure cryptographic mechanisms are used to protect the integrity of audit information.

Verify PDF encryption is enabled for report generation.
Go to Administration >> User Management >> Users >> Right-click an administrative user account and select "Properties".
Within the "Settings" tab select "Enable PDF Encryption".

If "Enable PDF Encryption" is not enabled, this is a finding.

Vulnerability Number

V-65901

Documentable

False

Rule Version

TMDS-00-000125

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure cryptographic mechanisms are used to protect the integrity of audit information.

Verify PDF encryption is enabled for report generation.
Go to Administration >> User Management >> Users >> Right-click an administrative user account and select "Properties".
Within the "Settings" tab select "Enable PDF Encryption".

If "Enable PDF Encryption" is not enabled, this is a finding.

Check Content Reference

M

Target Key

2955

Comments