STIGQter STIGQter: STIG Summary: McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Jul 2018:

Path or file exclusions configured in McAfee MOVE AV On Access Scan Policy must be formally documented by the System Administrator and approved by the ISSO/ISSM.

DISA Rule

SV-93243r1_rule

Vulnerability Number

V-78537

Group Title

MV45-OAS-000007

Rule Version

MV45-OAS-000007

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Access Scan".

Select each configured On Access Scan policy.

Under "Exclusions", remove any Path Exclusions that have been configured other than the following and that have not been formally documented by the System Administrator and approved by the ISSO/ISSM:

**\McAfee\Common Framework\
**\Program Files\McAfee\Agent\
*.log

Click "Save".

Check Contents

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Access Scan".

Select each configured On Access Scan policy.

Under "Exclusions", verify no Path Exclusions have been configured other than the following:

**\McAfee\Common Framework\
**\Program Files\McAfee\Agent\
*.log

If any Path Exclusions are configured and those Path Exclusions have not been formally documented by the System Administrator and approved by the ISSO/ISSM, this is a finding.

Vulnerability Number

V-78537

Documentable

False

Rule Version

MV45-OAS-000007

Severity Override Guidance

Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Access Scan".

Select each configured On Access Scan policy.

Under "Exclusions", verify no Path Exclusions have been configured other than the following:

**\McAfee\Common Framework\
**\Program Files\McAfee\Agent\
*.log

If any Path Exclusions are configured and those Path Exclusions have not been formally documented by the System Administrator and approved by the ISSO/ISSM, this is a finding.

Check Content Reference

M

Target Key

3233

Comments