| Checked | Name | Title |
|---|
| ☐ | SV-213316r506897_rule | A McAfee Application Control written policy must be documented to outline the organization-specific variables for application whitelisting. |
| ☐ | SV-213317r506897_rule | The use of a Solidcore 8.x local Command Line Interface (CLI) Access Password must be documented in the organizations written policy. |
| ☐ | SV-213318r506897_rule | The Solidcore client Command Line Interface (CLI) Access password complexity requirements must be documented in the organizations written policy. |
| ☐ | SV-213319r506897_rule | The Solidcore client Command Line Interface (CLI) Access Password protection process must be documented in the organizations written policy. |
| ☐ | SV-213320r506897_rule | The requirement for scheduled Solidcore client Command Line Interface (CLI) Access Password changes must be documented in the organizations written policy. |
| ☐ | SV-213321r506897_rule | The process by which the Solidcore client Command Line Interface (CLI) Access Password is made available to administrators when needed must be documented in the organizations written policy. |
| ☐ | SV-213322r506897_rule | The McAfee Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be confined to the organizations enclave. |
| ☐ | SV-213323r506897_rule | The configuration of features under McAfee Application Control Options policies Enforce feature control must be documented in the organizations written policy. |
| ☐ | SV-213324r506897_rule | The organizations written policy must include a process for how whitelisted applications are deemed to be allowed. |
| ☐ | SV-213325r506897_rule | The organizations written policy must include procedures for how often the whitelist of allowed applications is reviewed. |
| ☐ | SV-213326r506897_rule | The Solidcore client must be enabled. |
| ☐ | SV-213327r506897_rule | The Solidcore client Command Line Interface (CLI) must be in lockdown mode. |
| ☐ | SV-213328r506897_rule | The Solidcore client Command Line Interface (CLI) Access Password must be changed from the default. |
| ☐ | SV-213329r506897_rule | The organization-specific Rules policy must only include executable and dll files that are associated with applications as allowed by the organizations written policy. |
| ☐ | SV-213330r506897_rule | The McAfee Application Control Options Reputation setting must be configured to use the McAfee Global Threat Intelligence (McAfee GTI) option. |
| ☐ | SV-213331r506897_rule | The McAfee Application Control Options Reputation-Based Execution settings, if enabled, must be configured to allow Most Likely Trusted or Known Trusted only. |
| ☐ | SV-213332r506897_rule | The McAfee Application Control Options Advanced Threat Defense (ATD) settings must not be enabled unless an internal ATD is maintained by the organization. |
| ☐ | SV-213333r506897_rule | The McAfee Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to send all binaries with a reputation of Might be Trusted and below for analysis. |
| ☐ | SV-213334r506897_rule | The McAfee Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be configured to only send binaries with a size of 5 MB or less. |
| ☐ | SV-213335r506897_rule | Organization-specific McAfee Applications Control Options policies must be created and applied to all endpoints. |
| ☐ | SV-213336r506897_rule | The McAfee Application Control Options policy must be configured to disable Self-Approval. |
| ☐ | SV-213337r506897_rule | The McAfee Application Control Options policy End User Notification, if configured by organization, must have all default variables replaced with the organization-specific data. |
| ☐ | SV-213338r561345_rule | The McAfee Application Control Options policies Enforce feature control memory protection must be enabled. |
| ☐ | SV-213339r506897_rule | Enabled features under McAfee Application Control Options policies Enforce feature control must not be configured unless documented in written policy and approved by ISSO/ISSM. |
| ☐ | SV-213340r506897_rule | The McAfee Application Control Options Inventory option must be configured to hide OS Files. |
| ☐ | SV-213341r557322_rule | The McAfee Application Control Options Inventory interval option must be configured to pull inventory from endpoints on a regular basis not to exceed seven days. |
| ☐ | SV-213342r506897_rule | The McAfee Applications Default Rules policy must be part of the effective rules policy applied to every endpoint. |
| ☐ | SV-213343r506897_rule | A copy of the McAfee Default Rules policy must be part of the effective rules policy applied to every endpoint. |
| ☐ | SV-213344r506897_rule | The organization-specific Rules policies must be part of the effective rules policy applied to all endpoints. |
| ☐ | SV-213345r506897_rule | The organization-specific Solidcore Client Policies must be created and applied to all endpoints. |
| ☐ | SV-213346r506897_rule | The Throttling settings must be enabled and configured to settings according to organizations requirements. |
| ☐ | SV-213347r506897_rule | The Solidcore Client Exception Rules must be documented in the organizations written policy. |
STIGQter: STIG Summary: