STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:

Tanium Trusted Content providers must be documented.

DISA Rule

SV-93367r1_rule

Vulnerability Number

V-78661

Group Title

SRG-APP-000015

Rule Version

TANS-SV-000003

Severity

CAT II

CCI(s)

• CCI-001453 - The information system implements cryptographic mechanisms to protect the integrity of remote access sessions.

Weight

10

Fix Recommendation

Prepare and maintain documentation identifying the Tanium trusted content providers along with the SHA-256 Hash from their respective public keys.

Check Contents

Note: If only using Tanium provided content and not accepting content from any other content providers, this is "Not Applicable".

Consult with the Tanium System Administrator to review the documented list of trusted content providers along with the Hash for their respective public keys.

If the site does not have the Tanium trusted content providers documented along with the SHA-256 Hash for their respective public keys, this is a finding.

Vulnerability Number

V-78661

Documentable

False

Rule Version

TANS-SV-000003

Severity Override Guidance

Note: If only using Tanium provided content and not accepting content from any other content providers, this is "Not Applicable".

Consult with the Tanium System Administrator to review the documented list of trusted content providers along with the Hash for their respective public keys.

If the site does not have the Tanium trusted content providers documented along with the SHA-256 Hash for their respective public keys, this is a finding.

Check Content Reference

M

Target Key

3215

Comments