STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018: STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:SV-95143r1_rule
V-80439
SRG-APP-000295
BROM-00-000650
CAT II
10
Modify the base policy to ensure that the micro-VM will terminate the user session upon the detection of malicious activity.
1. Using the management console, navigate to "Policies" and select the base policy.
2. Navigate to "Security".
3. Navigate to and enable the check box and radio button for the "Generate isolated threat malware manifests?" policy setting.
4. Click "Save and Deploy".
Review base policy to ensure that the micro-virtual machine (VM) will capture the malware manifest upon the detection of malicious activity.
1. Using the management console, navigate to "Policies" and select the base policy.
2. Navigate to "Security".
3. Navigate to and inspect the "Generate isolated threat malware manifests?" policy setting.
If the Bromium vSentry client is not configured to automatically capture and forward payloads that were downloaded and determined to be malicious to the management console, this is a finding.
V-80439
False
BROM-00-000650
Review base policy to ensure that the micro-virtual machine (VM) will capture the malware manifest upon the detection of malicious activity.
1. Using the management console, navigate to "Policies" and select the base policy.
2. Navigate to "Security".
3. Navigate to and inspect the "Generate isolated threat malware manifests?" policy setting.
If the Bromium vSentry client is not configured to automatically capture and forward payloads that were downloaded and determined to be malicious to the management console, this is a finding.
M
3375