STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018: STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:SV-93309r1_rule
V-78603
SRG-APP-000023
TANS-CN-000003
CAT II
10
Consult with the Tanium System Administrator to review the documented list of Tanium users.
Compare the list of Tanium users versus the users found in the appropriate Active Directory security groups for the User Roles.
Using a web browser on a system that has connectivity to Tanium, access the Tanium web UI and log on with CAC.
Click on "Administration".
Select the "Users" tab.
Any users populated manually, select the user's name, and then click on the "trashcan" icon at the top of the console to delete this user.
Note: Consult with the Tanium System Administrator before deleting any user accounts to ensure any scheduled actions or other content is reassigned to another user. This will prevent any potential issues arising from the deletion of a user.
Using a web browser on a system that has connectivity to Tanium, access the Tanium web user interface (UI) and log on with CAC.
Click on the navigation button (hamburger menu) on the top left of the console.
Click on "Administration".
Select the "Users" tab.
Consult with the Tanium System Administrator to review the documented list of Tanium users. Compare the list of Tanium users versus the users found in the appropriate Active Directory security groups for the User Roles.
If there are any console users who are listed in the Tanium console that are not found in a synced Active Directory security group, this is a finding.
Alternatively, the ISSO can document the non-synced Active Directory security group users and accept the risk for the users. If this is the case, this would no longer be a finding.
V-78603
False
TANS-CN-000003
Using a web browser on a system that has connectivity to Tanium, access the Tanium web user interface (UI) and log on with CAC.
Click on the navigation button (hamburger menu) on the top left of the console.
Click on "Administration".
Select the "Users" tab.
Consult with the Tanium System Administrator to review the documented list of Tanium users. Compare the list of Tanium users versus the users found in the appropriate Active Directory security groups for the User Roles.
If there are any console users who are listed in the Tanium console that are not found in a synced Active Directory security group, this is a finding.
Alternatively, the ISSO can document the non-synced Active Directory security group users and accept the risk for the users. If this is the case, this would no longer be a finding.
M
3215