Symantec AntiVirus Locally Configured Client

Details

Version / Release: V4R1

Published:

Updated At: 2018-09-23 13:23:52

Actions

Download

Filter


Findings
Severity Open Not Reviewed Not Applicable Not a Finding
Overall 0 0 0 0
Low 0 0 0 0
Medium 0 0 0 0
High 0 0 0 0
Drop CKL or SCAP (XCCDF) results here.

    Vuln Rule Version CCI Severity Title Description Status Finding Details Comments
    SV-6432r4_rule DTAS002 MEDIUM The Symantec Antivirus is not configured to restart for configuration changes. Without an automatic restart, changes to the virus protection will not be in effect until a reboot of the machine. System Administrator
    SV-6433r5_rule DTAS003 HIGH The Symantec Antivirus autoprotect parameter is incorrect. Without autoprotect, the virus scan is not scanning files as they are being accessed. System Administrator
    SV-6434r5_rule DTAS004 MEDIUM The Symantec Antivirus auto protect-All Files configuration is incorrect. All files must be included in virus scans for the scans to be effective. System Administrator
    SV-6435r4_rule DTAS006 MEDIUM The Symantec Antivirus display message parameter is incorrect. Without an appropriate message when an infection is found, the user will not know there is a virus. System Administrator
    SV-6436r3_rule DTAS007 MEDIUM The Symantec Antivirus exclude files configuration is incorrect. This ensures no files are excluded from the scan. System Administrator
    SV-6441r4_rule DTAS012 MEDIUM The Symantec Antivirus autoprotect read parameter is incorrect. Without this parameter files that are accessed by the user will not be checked for viruses. System Administrator
    SV-6442r4_rule DTAS013 MEDIUM The Symantec Antivirus AutoProtect parameter for backup options is incorrect. Without setting this parameter, a copy of the file will not be saved before trying to remove the virus. System Administrator
    SV-6443r4_rule DTAS014 MEDIUM The Symantec Antivirus AutoProtect parameter for autoenabler is incorrect. If virus checking is turned off, this parameter will turn it back on after 5 minutes. This will ensure the virus checking program will remain on even if the user turns it off. System Administrator
    SV-6444r5_rule DTAS015 MEDIUM The Symantec Antivirus AutoProtect parameter for floppies is incorrect. This parameter determines whether floppy disk are checked for viruses. System Administrator
    SV-6445r4_rule DTAS016 MEDIUM The Symantec Antivirus AutoProtect parameter for Boot virus is incorrect. This parameter tell the antivirus program what to do when a boot virus is found. System Administrator
    SV-6447r4_rule DTAS017 MEDIUM The Symantec Antivirus AutoProtect parameter for check floppy at shutdown is incorrect. This checks floppy drives at shutdown time. System Administrator
    SV-6448r5_rule DTAS020 MEDIUM The Symantec Antivirus email parameter for Boot sectors is incorrect. This parameter controls if email is scanned. System Administrator
    SV-6449r5_rule DTAS021 MEDIUM The Symantec Antivirus email client parameter for all files is incorrect. This controls if all files are checked for viruses. System Administrator
    SV-6456r5_rule DTAS029 MEDIUM The Symantec Antivirus email client parameter for compressed files is incorrect. This controls what happens when the program encounters compressed files. System Administrator
    SV-6457r5_rule DTAS030 MEDIUM The Symantec AntiVirus CE History Options parameters are not configured as required. This parameter determines the log history of the antivirus program. System Administrator
    SV-6458r7_rule DTAS031 MEDIUM The Symantec Antivirus is not scheduled to autoupdate. This parameter controls the automation of updates to the signature files System Administrator
    SV-6459r5_rule DTAS032 MEDIUM There is no Symantec Antivirus Scheduled Scans or Startup Scans task configured to scan local drive(s) at least weekly. This controls the automatic scan of all local drives. System Administrator
    SV-6460r7_rule DTAS037 MEDIUM The Symantec Antivirus weekly scan parameter for all files is incorrect. This parameter ensures all files are scanned during the weekly scan. System Administrator
    SV-6461r7_rule DTAS040 MEDIUM The Symantec Antivirus weekly scan parameter for memory enabled is incorrect. This parameter ensures memory is scanned during the weekly scan. System Administrator
    SV-6462r5_rule DTAS041 MEDIUM The Symantec Antivirus weekly scan parameter for messages is incorrect. This parameter ensures that appropriate messages are displayed if a virus is found. System Administrator
    SV-6463r5_rule DTAS042 MEDIUM The Symantec Antivirus weekly scan parameter for exclude files is incorrect. This parameter controls which files are excluded from the weekly scan. System Administrator
    SV-6468r5_rule DTAS047 MEDIUM The Symantec Antivirus weekly scan parameter for compressed files is incorrect. This parameter ensures that compressed files are scanned for viruses during the weekly scan. System Administrator
    SV-6469r5_rule DTAS048 MEDIUM The Symantec Antivirus weekly scan parameter for backup files is incorrect. This parameter controls the action of backing up files to a quarantine area during the weekly scan. System Administrator
    SV-6470r6_rule DTAS050 MEDIUM The Symantec Antivirus weekly scan parameter for scan lock is incorrect. This parameter ensures that users cannot stop the weekly scan. System Administrator
    SV-15095r2_rule DTAS060 MEDIUM The Symantec Antivirus autoprotect parameter for Block Security Risks is incorrect. The checks and blocks various types of spyware. Without the correct setting the program will not block the various types of spyware. System Administrator
    SV-15099r2_rule DTAS061 MEDIUM The Symantec Antivirus autoprotect parameter for scan for security risks is incorrect. The AntiVirus has a security risk policy that can be modified/customized for each site. Without Auto-Protect running, these risk polices cannot be scanned and the risk detected. System Administrator
    SV-15100r2_rule DTAS062 MEDIUM The Symantec Antivirus autoprotect parameter for Delete Infected Files on Creation is incorrect. The Symantec Antivirus autoprotect parameter for Delete Infected Files on Creation is incorrect. System Administrator
    SV-15209r2_rule DTAS063 MEDIUM The Symantec Antivirus autoprotect parameter for Threat tracer is incorrect. Threat Tracer, provides insight into threat source. System Administrator
    SV-15210r2_rule DTAS064 MEDIUM The Symantec Antivirus autoprotect parameter for Bloodhound technology is incorrect. Bloodhound Virus detection scans outgoing email messages helps to prevent the spread of threats such as worms that can use email clients to replicate and distribute themselves across a network. System Administrator
    SV-15211r2_rule DTAS065 MEDIUM The Symantec Antivirus autoprotect parameter for Heuristics Level is incorrect. Heuristics analyzes a program's structure, its behavior, and other attributes for virus-like characteristics. In many cases it can protect against threats such as mass-mailing worms and macro viruses, if you encounter them before updating your virus defin
    SV-15212r5_rule DTAS066 MEDIUM The Symantec Antivirus autoprotect parameter for macro virus first action is incorrect. This setting is required for the Auto-Protect Macro virus First action policy. When a Macro virus is detected, the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administrator
    SV-15213r3_rule DTAS067 MEDIUM The Symantec Antivirus autoprotect parameter for macro virus second action is incorrect. A program or code segment written in the internal macro language of an application. Some macros replicate, while others infect documents. After the first iteration, the file Book1 is inserted in the Excel Start directory to make sure that any newly open
    SV-15214r3_rule DTAS068 MEDIUM The Symantec Antivirus autoprotect parameter for non-macro first action virus is incorrect. A program or code segment written in the internal macro language of an application. Some macros replicate, while others infect documents. After the first iteration, the file Book1 is inserted in the Excel Start directory to make sure that any newly open
    SV-15215r3_rule DTAS069 MEDIUM The Symantec Antivirus autoprotect parameter for check non-macro second action is incorrect. A program or code segment written in the internal macro language of an application. Some macros replicate, while others infect documents. After the first iteration, the file Book1 is inserted in the Excel Start directory to make sure that any newly open
    SV-15216r3_rule DTAS070 MEDIUM The Symantec Antivirus autoprotect parameter for Security Risks first action is incorrect. This setting is required for the Auto-Protect Security Risks First action policy. When a Security Risk is detected, the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administrator
    SV-15222r3_rule DTAS071 MEDIUM The Symantec Antivirus autoprotect parameter for Security Risks Second Action is incorrect. This setting is required for the Auto-Protect Security Risks second ("If first action fails") action policy. When a Security Risk such as Adware or Dialers is detected the second action to be performed must be the option to delete risk, or quarantine the
    SV-15223r6_rule DTAS080 MEDIUM The Symantec Antivirus email client for notification into the email is incorrect. This setting is required in order for the Symantec Antivirus email client to send an email warning notification of a security risk. The “Insert warning into e-mail message” attribute must be selected. System Administrator
    SV-15224r5_rule DTAS081 MEDIUM The Symantec Antivirus autoprotect email parameter for macro virus first action is incorrect. This setting is required for the Auto-Protect email parameter Macro virus First action policy. When an email Macro virus is detected, the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administra
    SV-15225r5_rule DTAS082 MEDIUM The Symantec Antivirus autoprotect email parameter for macro virus second action is incorrect. This setting is required for the Auto-Protect email parameter Macro virus second action policy. When an email Macro virus is detected, the second action ("If first action fails:") to be performed must be the option to delete risk, clean risk, or quarantin
    SV-15226r5_rule DTAS083 MEDIUM The Symantec Antivirus autoprotect email parameter for non-macro first action virus is incorrect. This setting is required for the Auto-Protect email parameter non-Macro virus First action policy. When a non-Macro virus is detected the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administra
    SV-15227r6_rule DTAS084 MEDIUM The Symantec Antivirus autoprotect email parameter for check non-macro second action is incorrect. This setting is required for the Auto-Protect email parameter non-Macro virus Second action policy. When a non-Macro virus is detected the Second action ("If first action fails") to be performed must be the option to delete risk, clean risk, or quarantin
    SV-15228r4_rule DTAS085 MEDIUM The Symantec Antivirus Auto-Protect email parameter for Security Risks first action is incorrect. This setting is required for the Auto-Protect email Security Risks First action policy. When a Security Risk is detected the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administrator
    SV-15229r4_rule DTAS086 MEDIUM The Symantec Antivirus autoprotect parameter for Email Security Risks Second Action is incorrect. This setting is required for the Auto-Protect email Security Risks second ("If first action fails") action policy. When a Security Risk such as Adware or Dialers is detected, the second action to be performed must be the option to delete risk, or quaranti
    SV-15231r4_rule DTAS091 MEDIUM The Symantec Antivirus weekly scan parameter for scanning load points is incorrect. This setting is required to configure the scanning of load points. "Load points" are defined by Symantec AV as "Common Infection locations". System Administrator
    SV-15232r4_rule DTAS092 MEDIUM The Symantec Antivirus weekly scan parameter for well knowns before others is incorrect. This setting is required to configure scanning locations of well-known vuruses and security risks. System Administrator
    SV-15233r2_rule DTAS093 MEDIUM The Symantec Antivirus weekly scan parameter for macro virus first action is incorrect. This setting is required for the weekly scan Macro virus First action policy. When a Macro virus is detected, the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administrator
    SV-15234r4_rule DTAS094 MEDIUM The Symantec Antivirus weekly scan parameter for macro virus second action is incorrect. This setting is required for the weekly scan parameter Macro virus Second action policy. When a non-Macro virus is detected, the Second action ("If first action fails") to be performed must be the option to delete risk, clean risk, or quarantine the risk.
    SV-15235r4_rule DTAS095 MEDIUM The Symantec Antivirus weekly scan parameter for non-macro first action virus is incorrect. This setting is required for the weekly scan parameter non-Macro virus First action policy. When a non-Macro virus is detected, the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administrator
    SV-15240r4_rule DTAS096 MEDIUM The Symantec Antivirus autoprotect parameter for check non-macro second action is incorrect. This setting is required for the Auto-Protect parameter non-Macro virus second action policy. When an email Macro virus is detected, the second action ("If first action fails:") to be performed must be the option to delete risk, clean risk, or quarantine
    SV-15241r3_rule DTAS097 MEDIUM The Symantec Antivirus weekly scan parameter for Security Risks first action is incorrect. This setting is required for the weekly scan parameter Security Risks First action policy. When a Security Risk is detected, the first action to be performed must be the option to delete risk, clean risk, or quarantine the risk. System Administrator
    SV-15242r4_rule DTAS098 MEDIUM The Symantec Antivirus weekly scan parameter for Security Risks second action is incorrect. This setting is required for the weekly scan parameter Security Risks second ("If first action fails") action policy. When a Security Risk, such as Adware or Dialers, is detected, the second action to be performed must be the option to delete risk, or qua
    SV-22086r1_rule DTAG008 HIGH The antivirus signature file age exceeds 7 days. Antivirus signature files are updated almost daily by antivirus software vendors. These files are made available to antivirus clients as they are published. Keeping virus signature files as current as possible is vital to the security of any system. Note