STIGQter STIGQter: STIG Summary: McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Jul 2018:

The McAfee MOVE AV Common Options policy must be configured to send all events to the HBSS ePO server.

DISA Rule

SV-93217r1_rule

Vulnerability Number

V-78511

Group Title

MV45-COP-000002

Rule Version

MV45-COP-000002

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus Common 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Click "Show Advanced".

Under "Events", select the "Send events to McAfee ePO" check box.

Click "Save".

Check Contents

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus Common 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Click "Show Advanced".

Under "Events", verify the "Send events to McAfee ePO" check box is selected.

If the "Send events to McAfee ePO" check box is not selected, this is a finding.

Vulnerability Number

V-78511

Documentable

False

Rule Version

MV45-COP-000002

Severity Override Guidance

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus Common 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Click "Show Advanced".

Under "Events", verify the "Send events to McAfee ePO" check box is selected.

If the "Send events to McAfee ePO" check box is not selected, this is a finding.

Check Content Reference

M

Target Key

3233

Comments