STIGQter: STIG Summary: McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Jul 2018:

The McAfee MOVE AV On Access Scan Policy must be configured to scan when reading from disk.

DISA Rule

SV-93239r1_rule

Vulnerability Number

V-78533

Group Title

MV45-OAS-000005

Rule Version

MV45-OAS-000005

Severity

CAT II

CCI(s)

• CCI-001242 - The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Weight

10

Fix Recommendation

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Access Scan".

Select each configured On Access Scan policy.

Select the On Access Scan policy to be configured.

Under "Scan", select the "When reading from disk" check box.

Click "Save".

Check Contents

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Access Scan".

Select each configured On Access Scan policy.

Under "Scan", verify the "When reading from disk" check box is selected.

If the "When reading from disk" check box is not selected, this is a finding.

Vulnerability Number

V-78533

Documentable

False

Rule Version

MV45-OAS-000005

Severity Override Guidance

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Access Scan".

Select each configured On Access Scan policy.

Under "Scan", verify the "When reading from disk" check box is selected.

If the "When reading from disk" check box is not selected, this is a finding.

Check Content Reference

M

Target Key

3233

Comments