McAfee VirusScan Locally Configured Client

U_McAfeeVirusScanLocalClient_V4R10_Manual-XCCDF.xml

Details

Version / Release: V4R10

Published: 2014-01-03

Updated At: 2018-09-23 04:05:50

Actions

Download

Filter


Vuln Rule Version CCI Severity Title Description
SV-6538r1_rule DTAM001 CCI-001242 HIGH The McAfee VirusScan Control Panel parameters are not configured as required. This parameter controls if the scan is started at startup.System AdministratorECSC-1
SV-6554r1_rule DTAM002 CCI-001242 MEDIUM The McAfee VirusScan on access scan parameter for Boot sectors is incorrect. This parameter controls if boot sectors are scanned at startup.System AdministratorECSC-1
SV-6555r2_rule DTAM003 CCI-001242 MEDIUM The McAfee VirusScan on access scan parameter for floppy disks is incorrect. This parameter controls the scanning of floppy disks.System AdministratorECSC-1
SV-6556r1_rule DTAM004 CCI-001242 MEDIUM The McAfee VirusScan message dialog parameters are not configured as required. This parameter notifies the user when a virus is detected.System AdministratorECSC-1
SV-6557r1_rule DTAM005 CCI-001242 MEDIUM The McAfee VirusScan remove messages parameters are not configured as required. This parameter controls if users can remove virus alerts from the display.System AdministratorECSC-1
SV-6558r1_rule DTAM006 MEDIUM The McAfee VirusScan Clean Infected file parameter is not configured as required. This parameter deteremines if infected files are cleaned.System AdministratorECSC-1
SV-6559r1_rule DTAM007 MEDIUM The McAfee VirusScan delete infected file parameter is not configured as required. This parameter controls if infected files are deleted.System AdministratorECSC-1
SV-6560r1_rule DTAM008 MEDIUM The McAfee VirusScan quarantine parameter is not configured as required. This parameter controls if infected files are moved to a quarantine folder.System AdministratorECSC-1
SV-6561r1_rule DTAM009 CCI-001242 MEDIUM The McAfee VirusScan Control Panel log parameter is not configured as required. This parameter controls the logging of the scan.System AdministratorECSC-1
SV-6562r1_rule DTAM010 CCI-001242 MEDIUM The McAfee VirusScan limit log size parameter is not configured as required. This parameter controls the log size.System AdministratorECSC-1
SV-6565r1_rule DTAM012 CCI-001242 MEDIUM The McAfee VirusScan log summary parameter is not configured as required. This parameter controls if the session summary is being logged.System AdministratorECSC-1
SV-6693r1_rule DTAM013 CCI-001242 MEDIUM The McAfee VirusScan log encrypted files parameter is not configured as required. This parameter controls if failure to scan encrypted files is logged.System AdministratorECSC-1
SV-6694r1_rule DTAM014 MEDIUM The McAfee VirusScan log user name parameter is not configured as required. This parameter controls if the user name is logged.System AdministratorECSC-1
SV-6695r2_rule DTAM016 CCI-001247 MEDIUM The McAfee VirusScan autoupdate parameters are not configured as required. This parameter ensure that the product is configured to get autoupdates.System AdministratorECVP-1
SV-6696r1_rule DTAM021 MEDIUM The McAfee VirusScan Exchange scanner is not enabled. This parameter controls if the email client scanner is active.System AdministratorECSC-1
SV-6697r1_rule DTAM022 CCI-001668 MEDIUM The McAfee VirusScan find unknown programs email parameter is not configured as required. This parameter controls if scanning is performed for unknown program viruses.System AdministratorECSC-1
SV-6698r1_rule DTAM023 CCI-001668 MEDIUM The McAfee VirusScan find unknown macro virus email parameter is not configured as required. This parameter controls the scanning for unknown macro viruses.System AdministratorECSC-1
SV-6699r1_rule DTAM026 CCI-001668 MEDIUM The McAfee VirusScan scan inside archives email parameter is not configured as required. This parameter controls if the contents of archives are checked for viruses.System AdministratorECSC-1
SV-6700r1_rule DTAM027 CCI-001668 MEDIUM The McAfee VirusScan decode MIME email parameter is not configured as required. This parameter controls if encoded files should be decoded for virus scans.System AdministratorECSC-1
SV-6702r1_rule DTAM028 CCI-001668 MEDIUM The McAfee VirusScan scan e-mail message body email parameter is not configured as required. This parameter ensures the email message contents is scanned for viruses.System AdministratorECSC-1
SV-6704r1_rule DTAM029 CCI-001243 MEDIUM The McAfee VirusScan allowed actions email parameter is not configured as required. This parameter controls what actions should happen when a virus is detected.System AdministratorECSC-1
SV-6706r1_rule DTAM030 MEDIUM The McAfee VirusScan action prompt email parameter is not configured as required. This parameter ensures appropriate actions are prompted for when a virus is found.System AdministratorECSC-1
SV-6707r1_rule DTAM033 MEDIUM The McAfee VirusScan return reply email parameter is not configured as required. This parameter controls if an email is sent back to the original email sender indicating there was a virus detected.System AdministratorECSC-1
SV-6708r1_rule DTAM034 MEDIUM The McAfee VirusScan prompt message email parameter is not configured as required. This parameter ensures an appropriate message is displayed for the user to indicate a virus was found within an email.System AdministratorECSC-1
SV-6713r1_rule DTAM035 CCI-001668 MEDIUM The McAfee VirusScan log to file email parameter is not configured as required. This parameter ensures that virus scanning sessions for email are logged.System AdministratorECSC-1
SV-6715r1_rule DTAM036 CCI-001668 MEDIUM The McAfee VirusScan limit log size email parameter is not configured as required. This parameter deteremines the size of the log file to ensure data is available for review.System AdministratorECSC-1
SV-6716r2_rule DTAM037 MEDIUM The McAfee VirusScan log content email parameter is not configured as required. This setting controls the entries that are stored in the virus scanning log.System AdministratorECSC-1
SV-6717r1_rule DTAM045 CCI-001241 MEDIUM The McAfee VirusScan fixed disk and running processes are not configured as required. This parameter ensures that all fixed disks and running processes are scanned for viruses.System AdministratorECSC-1
SV-6718r1_rule DTAM046 CCI-001241 MEDIUM The McAfee VirusScan include subfolders parameter is not configured as required. This parameter ensures that subfolders are scanned for viruses.System AdministratorECSC-1
SV-6719r1_rule DTAM047 CCI-001241 MEDIUM The McAfee VirusScan include boot sectors parameter is not configured as required. This parameter ensures that the boot sector is scanned for viruses.System AdministratorECSC-1
SV-6720r1_rule DTAM048 CCI-001241 MEDIUM The McAfee VirusScan scan all files parameter is not configured as required. This parameter ensures all files are scanned.System AdministratorECSC-1
SV-6723r2_rule DTAM050 CCI-001241 MEDIUM The McAfee VirusScan exclusions parameter is not configured as required. This parameter ensures that there are no unapproved exclusions from the virus scanning.System AdministratorECSC-1
SV-6731r1_rule DTAM052 CCI-001241 MEDIUM The McAfee VirusScan scan archives parameter is not configured as required. This parameter ensures that archive files are checked for viruses.System AdministratorECSC-1
SV-6732r1_rule DTAM053 CCI-001241 MEDIUM The McAfee VirusScan decode MIME encoded files parameter is not configured as required. This file ensures that MIME encoded files are scanned for viruses.System AdministratorECSC-1
SV-6734r1_rule DTAM054 CCI-001241 MEDIUM The McAfee VirusScan find unknown programs parameter is not configured as required. This parameter will ensure the virus scanner checks for unknown program viruses.System AdministratorECSC-1
SV-6735r1_rule DTAM055 CCI-001241 MEDIUM The McAfee VirusScan find unknown macro viruses parameter is not configured as required. This parameter controls checking for unknown macro viruses.System AdministratorECSC-1
SV-6736r1_rule DTAM056 CCI-001243 MEDIUM The McAfee VirusScan action for Virus parameter is not configured as required. This parameter controls the action when a virus is found.System AdministratorECSC-1
SV-6737r1_rule DTAM057 CCI-001243 MEDIUM The McAfee VirusScan secondary action for virus parameter is not configured as required. This parameter controls the secondary action that is performed when a virus is found.System AdministratorECSC-1
SV-6738r1_rule DTAM059 CCI-001241 MEDIUM The McAfee VirusScan log to file parameter is not configured as required. This parameter ensures that virus scan activities are written to a log file.System AdministratorECSC-1
SV-6740r1_rule DTAM060 CCI-001241 MEDIUM The McAfee VirusScan log file limit parameter is not configured as required. This parameter determines the minimum size for the log to ensure enough data is available for review.System AdministratorECSC-1
SV-6744r1_rule DTAM062 MEDIUM The McAfee VirusScan log session summary parameter is not configured as required. This parameter ensures that session summary information is logged for future review if needed.System AdministratorECSC-1
SV-6745r1_rule DTAM063 CCI-001241 MEDIUM The McAfee VirusScan failure on encrypted files parameter is not configured as required. This parameter ensures that failures on encrypted files are logged.System AdministratorECSC-1
SV-6746r1_rule DTAM064 MEDIUM The McAfee VirusScan log user name is not configured as required. This parameter controls the user name being logged as part of the log file.System AdministratorECSC-1
SV-6747r1_rule DTAM070 CCI-001241 MEDIUM The McAfee VirusScan schedule is not configured as required. This parameter ensures that the virus scan is scheduled to be executed.System AdministratorECSC-1
SV-15243r1_rule DTAM090 CCI-001242 MEDIUM The McAfee VirusScan on access scan parameter for scipt scan is incorrect. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15244r1_rule DTAM091 CCI-001242 MEDIUM The McAfee VirusScan on access scan parameter for connection blocking is incorrect. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15245r1_rule DTAM092 CCI-001242 MEDIUM The McAfee VirusScan on access scan parameter for connection blocking time is incorrect. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15246r1_rule DTAM093 CCI-001242 MEDIUM The McAfee VirusScan on access scan parameter for blocking unwanted programs is incorrect. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15247r1_rule DTAM100 CCI-001242 MEDIUM The McAfee VirusScan scan default values for processes are not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15248r1_rule DTAM101 CCI-001242 MEDIUM The McAfee VirusScan scan when writing to disk is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15249r1_rule DTAM102 CCI-001242 MEDIUM The McAfee VirusScan scan when reading parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15250r1_rule DTAM103 CCI-001242 MEDIUM The McAfee VirusScan scan all files parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15251r1_rule DTAM104 CCI-001242 MEDIUM The McAfee VirusScan heuristics program viruses parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15252r1_rule DTAM105 CCI-001242 MEDIUM The McAfee VirusScan heuristics macro viruses parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15253r1_rule DTAM106 CCI-001242 MEDIUM The McAfee VirusScan scan inside archives parameter is not configured as required. This setting is required for the virus software.Information Assurance OfficerECVP-1
SV-15255r1_rule DTAM110 CCI-001242 MEDIUM The McAfee VirusScan process primary action parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15256r1_rule DTAM111 CCI-001242 MEDIUM The McAfee VirusScan process secondary action parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15277r1_rule DTAM038 MEDIUM he McAfee VirusScan detects unwanted programs email parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15278r3_rule DTAM039 CCI-001243 MEDIUM The McAfee VirusScan unwanted programs action email parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15280r1_rule DTAM058 CCI-001241 MEDIUM The McAfee VirusScan check for unwanted programs parameter is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15283r1_rule DTAM130 CCI-001242 MEDIUM The McAfee VirusScan buffer overflow protection is not configured as required. This setting is required for the virus software.System AdministratorInformation Assurance OfficerECVP-1
SV-15284r1_rule DTAM131 CCI-001242 MEDIUM The McAfee VirusScan buffer overflow protection mode is not configured as required. This setting is required to ensure that buffer overflow protection is enabled and that "Protection mode" is enabled. Buffer overflow protection prevents tampered with application code from being executed on the computer. The "Protection mode" option is selected to ensure that the application is prevented from executing. System AdministratorInformation Assurance OfficerECVP-1
SV-15285r1_rule DTAM132 CCI-001242 MEDIUM The McAfee VirusScan buffer overflow message parameter is not configured as required. This setting is required to ensure when buffer overflow protection is enabled that the "Show the messages dialog box when a buffer overflow is detected" is selected. Buffer overflow protection prevents tampered with application code from being executed on the computer. The "Show the messages dialog box when a buffer overflow is detected" option is selected to ensure that the user is notified . System AdministratorInformation Assurance OfficerECVP-1
SV-15286r1_rule DTAM133 CCI-001242 MEDIUM The McAfee VirusScan buffer overflow log parameter is not configured as required. This setting is required to ensure when buffer overflow protection is enabled that the "Enable activity logging and accept the default location for the log file or specify a new location" is selected. Buffer overflow protection prevents tampered with application code from being executed on the computer. The "Enable activity logging and accept the default location for the log file or specify a new location" option is selected to ensure that buffer overflow logging is being performed .System AdministratorInformation Assurance OfficerECVP-1
SV-15287r1_rule DTAM134 CCI-001242 MEDIUM The McAfee VirusScan log size limitation parameters are not configured as required. This setting is required to ensure when buffer overflow protection is enabled that the "Log file size" is selected. Buffer overflow protection prevents tampered with application code from being executed on the computer. The "Log file size" option is selected to ensure that buffer overflow log file size does not excced 100mb.System AdministratorInformation Assurance OfficerECVP-1
SV-15288r1_rule DTAM135 CCI-001668 MEDIUM The McAfee VirusScan detection of Spyware is not configured as required. This setting is required to ensure that under the Unwanted Programs Policies, Spyware is selected. This enables the detection of Spyware on the system.System AdministratorInformation Assurance OfficerECVP-1
SV-15289r1_rule DTAM136 CCI-001668 MEDIUM The McAfee VirusScan detection of Adware is not configured as required. This setting is required to ensure that under the Unwanted Programs Policies, Adware is selected. This enables the detection of Adware on the system.System AdministratorInformation Assurance OfficerECVP-1
SV-22081r1_rule DTAG008 CCI-001240 HIGH The antivirus signature file age exceeds 7 days. Antivirus signature files are updated almost daily by antivirus software vendors. These files are made available to antivirus clients as they are published. Keeping virus signature files as current as possible is vital to the security of any system. Note: If the vendor or trusted site’s files match the date of the signature files on the machine, this is not a finding. System AdministratorECVP-1
SV-46286r1_rule DTAM137 CCI-001242 MEDIUM The McAfee VirusScan File Reputation Service setting is not configured as required. This parameter controls setting the Heuristic network check for suspicious files in the File Reputation Service.System AdministratorECSC-1