McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5

Audit Details

Name: McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.4

Estimated Item Count: 41

File Details

Filename: DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Managed_Client_v1r5.audit

Size: 101 kB

MD5: e219f9ff342a9623e00e3a0c53164005
SHA256: 684e506b1bbc61202b15d045789ed0692b0f1df0748fa4c3a036e3d8bff573b8

Audit Items

DescriptionCategories
DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvscan.dat

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-002 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-003 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to enable On-Access scanning.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-005 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-006 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown macro viruses.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-009 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being read from disk.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-010 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan all file types.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmo

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-015 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when programs and jokes are found.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-016 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-017 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to deny access to the file if scanning fails.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-018 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to allow access to files if scanning times out.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-019 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-101 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decompress archives when scanning.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-103 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown macro viruses.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-104 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find potentially unwanted programs.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-105 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to scan all file types.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-107 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-108 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-109 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be disabled.

CONFIGURATION MANAGEMENT

DTAVSEL-110 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when programs and jokes are found.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-111 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-112 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decode MIME encoded files.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-113 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to include all local drives and their sub-directories.

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-200 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must scan all media used for system maintenance prior to use.

MAINTENANCE

DTAVSEL-201 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive all patches, service packs and updates from a DoD-managed source.

CONFIGURATION MANAGEMENT

DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - group

ACCESS CONTROL

DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - user

ACCESS CONTROL

DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes.

SYSTEM AND INFORMATION INTEGRITY