| Checked | Name | Title |
|---|
| ☐ | SV-55134r1_rule | McAfee VirusScan On-Access General Policies must be configured to enable on-access scanning at system startup. |
| ☐ | SV-55135r1_rule | McAfee VirusScan On-Access General Policies must be configured to scan boot sectors. |
| ☐ | SV-55139r1_rule | McAfee VirusScan On-Access General Policies must be configured to scan floppy during shutdown. |
| ☐ | SV-55141r1_rule | McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur. |
| ☐ | SV-55144r1_rule | McAfee VirusScan On-Access General Policies must be configured to prevent users from removing messages from the list. |
| ☐ | SV-55145r1_rule | McAfee VirusScan On-Access General Policies must be configured to log the scan sessions. |
| ☐ | SV-55147r1_rule | McAfee VirusScan On-Access General Policies log file size must be restricted and be configured to at least 10MB. |
| ☐ | SV-55148r1_rule | McAfee VirusScan On-Access General Policies must be configured to log the session summary. |
| ☐ | SV-55149r1_rule | McAfee VirusScan On-Access General Policies must be configured to log any failure to scan encrypted files. |
| ☐ | SV-55151r4_rule | McAfee VirusScan must be configured to receive DAT and Engine updates. |
| ☐ | SV-55153r2_rule | McAfee VirusScan On-Delivery Email Scan Policies must be configured to enable on-delivery email scanning. |
| ☐ | SV-55169r2_rule | McAfee VirusScan On-Delivery Email Scan Policies must be configured to find unknown program threats and Trojans. |
| ☐ | SV-55171r2_rule | McAfee VirusScan On Delivery Email Scan Policies must be configured to find unknown macro threats. |
| ☐ | SV-55174r2_rule | McAfee VirusScan On Delivery Email Scan Policies must be configured to decode MIME encoded files. |
| ☐ | SV-55177r2_rule | McAfee VirusScan On Delivery Email Scan Policies must be configured to scan email message body. |
| ☐ | SV-55178r2_rule | McAfee VirusScan On Delivery Email Scan Policies, when a threat is found, must be configured to clean attachments as the first action. |
| ☐ | SV-55187r2_rule | McAfee VirusScan On-Delivery Email Scan Policies must be configured to record scanning activity in a log file. |
| ☐ | SV-55188r2_rule | McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB. |
| ☐ | SV-55191r4_rule | McAfee VirusScan On-Demand scan must be configured to scan all fixed, or local, disks and running processes. |
| ☐ | SV-55192r3_rule | McAfee VirusScan On-Demand scan must be configured to scan all subfolders. |
| ☐ | SV-55193r3_rule | McAfee VirusScan On-Demand scan must be configured to scan boot sectors. |
| ☐ | SV-55194r3_rule | McAfee VirusScan On-Demand scan must be configured to scan all files. |
| ☐ | SV-55195r4_rule | McAfee VirusScan On-Demand scan must be configured so there are no exclusions from the scan unless exclusions have been documented with, and approved by, the ISSO/ISSM/DAA. |
| ☐ | SV-55196r4_rule | McAfee VirusScan On-Demand scan must be configured to scan inside archives. |
| ☐ | SV-55197r3_rule | McAfee VirusScan On-Demand scan must be configured to decode MIME encoded files. |
| ☐ | SV-55199r3_rule | McAfee VirusScan On-Demand scan must be configured to find unknown program threats. |
| ☐ | SV-55201r3_rule | McAfee VirusScan On-Demand scan must be configured to find unknown macro threats. |
| ☐ | SV-55203r3_rule | McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action. |
| ☐ | SV-55204r3_rule | McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to delete files automatically if first action fails. |
| ☐ | SV-55209r3_rule | McAfee VirusScan On-Demand scan must be configured to record scanning activity in a log file. |
| ☐ | SV-55211r3_rule | McAfee VirusScan On-Demand scan log file size must be restricted and be configured to at least 10MB. |
| ☐ | SV-55212r3_rule | McAfee VirusScan On-Demand scan must be configured to log any failure to scan encrypted files. |
| ☐ | SV-55213r3_rule | McAfee VirusScan On-Demand scan must be scheduled to be executed at least on a weekly basis. |
| ☐ | SV-55214r1_rule | McAfee VirusScan On-Access General Policies must be configured to enable scanning of scripts. |
| ☐ | SV-55217r1_rule | McAfee VirusScan On-Access General Policies must be configured to block the connection when a threatened file is detected in a shared folder. |
| ☐ | SV-55219r1_rule | McAfee VirusScan On-Access General Policies must be configured to unblock connections after a minimum of 30 minutes. |
| ☐ | SV-55221r1_rule | McAfee VirusScan On-Access General Policies must be configured to block the connection when a file with a potentially unwanted program is detected in a shared folder. |
| ☐ | SV-55222r1_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to use only one scanning policy for all processes, unless the use of Low-Risk Processes/High-Risk Processes has been documented with, and approved by, the IAO/IAM. |
| ☐ | SV-55224r1_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to scan when writing to disk. |
| ☐ | SV-55225r1_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to scan when reading from disk. |
| ☐ | SV-55228r1_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to scan all files. |
| ☐ | SV-55230r1_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown unwanted programs and trojans. |
| ☐ | SV-55231r1_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown macro viruses. |
| ☐ | SV-55232r3_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to scan inside archives. |
| ☐ | SV-55233r1_rule | McAfee VirusScan On-Access Default Processes Policies Actions for When a threat is found must be configured to clean files automatically as first action. |
| ☐ | SV-55234r1_rule | McAfee VirusScan On-Access Default Processes Policies actions for When a threat is found must be configured delete files automatically if first action fails. |
| ☐ | SV-55189r2_rule | McAfee VirusScan On Delivery Email Scan Policies must be configured to clean attachments as the first action for when an unwanted program is found. |
| ☐ | SV-55207r3_rule | McAfee VirusScan On-Demand scan must be configured to detect for unwanted programs. |
| ☐ | SV-55235r1_rule | McAfee VirusScan Buffer Overflow Protection Policies must be configured to enable Buffer Overflow Protection. |
| ☐ | SV-55236r1_rule | McAfee VirusScan Buffer Overflow Protection Policies must be configured for Protection mode. |
| ☐ | SV-55237r1_rule | McAfee VirusScan Buffer Overflow Protection Policies must be configured to display a dialog box when a buffer overflow is detected. |
| ☐ | SV-55239r1_rule | McAfee VirusScan Buffer Overflow Protection Policies must be configured to record scanning activity in a log file. |
| ☐ | SV-55238r1_rule | McAfee VirusScan Buffer Overflow Protection Policies log file size must be restricted and be configured to at least 10MB. |
| ☐ | SV-55241r1_rule | McAfee VirusScan Unwanted Programs Policies must be configured to detect spyware. |
| ☐ | SV-55242r1_rule | McAfee VirusScan Unwanted Programs Policies must be configured to detect adware. |
| ☐ | SV-55133r2_rule | The antivirus signature file age must not exceed 7 days. |
| ☐ | SV-55243r1_rule | McAfee VirusScan On-Access General Policies Artemis sensitivity level must be configured to medium or higher. |
| ☐ | SV-55180r2_rule | McAfee VirusScan On Delivery Email Scan Policies, When a threat is found, must be configured to clean attachments as the first action and delete attachments if the first action fails. |
| ☐ | SV-55190r2_rule | McAfee VirusScan On Delivery Email Scan Policies must be configured to delete attachments if the first action fails for when an unwanted program is found. |
| ☐ | SV-55244r2_rule | McAfee VirusScan Access Protection Policies must be configured to prevent McAfee services from being stopped. |
| ☐ | SV-55245r2_rule | McAfee VirusScan Access Protection Policies must be configured to record scanning activity in a log file. |
| ☐ | SV-55246r2_rule | McAfee VirusScan Access Protection log file size must be restricted and be configured to at least 10MB. |
| ☐ | SV-55247r2_rule | McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee files and settings. |
| ☐ | SV-55248r2_rule | McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee Common Management Agent files and settings. |
| ☐ | SV-55249r2_rule | McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee Scan Engine files and settings. |
| ☐ | SV-55250r2_rule | McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent termination of McAfee processes. |
| ☐ | SV-55251r5_rule | McAfee VirusScan Access Protection Rules Common Standard Protection must be set to block and report when common programs are run from the Temp folder. |
| ☐ | SV-55252r2_rule | McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent hooking of McAfee processes. |
| ☐ | SV-55253r2_rule | McAfee VirusScan Access Protection: Common Maximum Protection must be set to detect and log launching of files from the Downloaded Programs Files folder. |
| ☐ | SV-55254r6_rule | McAfee VirusScan Access Protection: Anti-Spyware Maximum Protection must be set to block and log execution of scripts from the Temp folder. |
| ☐ | SV-55255r2_rule | McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent remote creation of autorun files. |
| ☐ | SV-55256r2_rule | McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent mass mailing worms from sending mail. |
| ☐ | SV-55257r3_rule | McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent IRC communication. |
| ☐ | SV-55258r2_rule | McAfee VirusScan On-Access General Policies must be configured to not exclude any script processes from being scanned unless the process exclusions have been documented with, and approved by, the ISSO/ISSM/DAA. |
| ☐ | SV-55259r5_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to not exclude any files from being scanned unless exclusions have been documented with, and approved by, the ISSO/ISSM/DAA. |
| ☐ | SV-55260r3_rule | McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits. |
| ☐ | SV-55261r3_rule | McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to clean files automatically as first action. |
| ☐ | SV-55262r3_rule | McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to delete files automatically if first action fails. |
| ☐ | SV-55264r2_rule | McAfee VirusScan On-Delivery Email Scan Policies Artemis sensitivity level must be configured to medium or higher. |
| ☐ | SV-55265r2_rule | McAfee VirusScan On-Delivery Email Scan Policies must be configured to send a notification email to the IAO, IAM, and/or ePO administrator when a threatened email message is detected. |
| ☐ | SV-55266r4_rule | McAfee VirusScan On-Delivery Email Scan Policies must be configured to log session summary and failure to scan encrypted files. |
| ☐ | SV-55267r3_rule | McAfee VirusScan On-Access General Policies must be configured to not exclude any URL scripts from being scanned unless the URL exclusions have been documented with, and approved by, the ISSO/ISSM/DAA. |
| ☐ | SV-55268r3_rule | McAfee VirusScan Access Protection Policies must be configured to enable access protection. |
| ☐ | SV-55269r1_rule | McAfee VirusScan On-Access Default Processes Policies must be configured to detect unwanted programs. |
| ☐ | SV-55270r1_rule | McAfee VirusScan On-Access Default Processes Policies actions, When an unwanted program is found must be configured to clean files automatically as first action. |
| ☐ | SV-55271r2_rule | McAfee VirusScan On-Access Default Processes Policies actions, When an unwanted program is found must be configured to delete files automatically if first action fails. |
| ☐ | SV-73793r3_rule | McAfee VirusScan Access Protection Rules Anti-Spyware Maximum Protection must be set to block and report when common all programs are run from the Temp folder. |
STIGQter: STIG Summary: