DISA McAfee VirusScan 8.8 Managed Client STIG v6r1

Audit Details

Name: DISA McAfee VirusScan 8.8 Managed Client STIG v6r1

Updated: 6/17/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.4

Estimated Item Count: 99

File Details

Filename: DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v6r1.audit

Size: 488 kB

MD5: d02f699ba8968c4d7046822444b12b6e
SHA256: df4062bce6271d957e8674d608088b2875f30803756ab7d282cc155aa3bcb8f1

Audit Items

DescriptionCategories
DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Managed Client Security Technical implementation Guide v6r1 STIG
DTAG008 - The antivirus signature file age must not exceed 7 days.

SYSTEM AND INFORMATION INTEGRITY

DTAM001 - McAfee VirusScan On-Access General Policies must be configured to enable on-access scanning at system startup.

SYSTEM AND INFORMATION INTEGRITY

DTAM002 - McAfee VirusScan On-Access General Policies must be configured to scan boot sectors.

SYSTEM AND INFORMATION INTEGRITY

DTAM003 - McAfee VirusScan On-Access General Policies must be configured to scan floppy during shutdown.

SYSTEM AND INFORMATION INTEGRITY

DTAM004 - McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur.

SYSTEM AND COMMUNICATIONS PROTECTION

DTAM005 - McAfee VirusScan On-Access General Policies must be configured to prevent users from removing messages from the list.

SYSTEM AND INFORMATION INTEGRITY

DTAM009 - McAfee VirusScan On-Access General Policies must be configured to log the scan sessions.

SYSTEM AND INFORMATION INTEGRITY

DTAM010 - McAfee VirusScan On-Access General Policies log file size must be restricted and be configured to at least 10MB - bLimitSize

SYSTEM AND INFORMATION INTEGRITY

DTAM010 - McAfee VirusScan On-Access General Policies log file size must be restricted and be configured to at least 10MB - dwMaxLogSizeMB

SYSTEM AND INFORMATION INTEGRITY

DTAM012 - McAfee VirusScan On-Access General Policies must be configured to log the session summary.

SYSTEM AND INFORMATION INTEGRITY

DTAM013 - McAfee VirusScan On-Access General Policies must be configured to log any failure to scan encrypted files.

SYSTEM AND INFORMATION INTEGRITY

DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - schedule is daily

SYSTEM AND INFORMATION INTEGRITY

DTAM016 - McAfee VirusScan must be configured to receive DAT and Engine updates - scheduling enabled

SYSTEM AND INFORMATION INTEGRITY

DTAM021 - McAfee VirusScan On-Delivery Email Scan Policies must be configured to enable on-delivery email scanning.

SYSTEM AND COMMUNICATIONS PROTECTION

DTAM022 - McAfee VirusScan On-Delivery Email Scan Policies must be configured to find unknown program threats and Trojans.

SYSTEM AND COMMUNICATIONS PROTECTION

DTAM023 - McAfee VirusScan On Delivery Email Scan Policies must be configured to find unknown macro threats.

SYSTEM AND COMMUNICATIONS PROTECTION

DTAM027 - McAfee VirusScan On Delivery Email Scan Policies must be configured to decode MIME encoded files.

SYSTEM AND COMMUNICATIONS PROTECTION

DTAM028 - McAfee VirusScan On Delivery Email Scan Policies must be configured to scan email message body.

SYSTEM AND COMMUNICATIONS PROTECTION

DTAM029 - McAfee VirusScan On Delivery Email Scan Policies, when a threat is found, must be configured to clean attachments as the first action.

SYSTEM AND INFORMATION INTEGRITY

DTAM035 - McAfee VirusScan On-Delivery Email Scan Policies must be configured to record scanning activity in a log file.

AUDIT AND ACCOUNTABILITY

DTAM036 - McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB - bLimitSize

AUDIT AND ACCOUNTABILITY

DTAM036 - McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB - dwMaxLogSizeMB

AUDIT AND ACCOUNTABILITY

DTAM039 - McAfee VirusScan On Delivery Email Scan Policies must be configured to clean attachments as the first action for when an unwanted program is found.

SYSTEM AND INFORMATION INTEGRITY

DTAM045 - McAfee VirusScan On-Demand scan must be configured to scan all fixed, or local, disks and running processes - Drives

SYSTEM AND INFORMATION INTEGRITY

DTAM045 - McAfee VirusScan On-Demand scan must be configured to scan all fixed, or local, disks and running processes - SpecialMemory

SYSTEM AND INFORMATION INTEGRITY

DTAM046 - McAfee VirusScan On-Demand scan must be configured to scan all subfolders.

SYSTEM AND INFORMATION INTEGRITY

DTAM047 - McAfee VirusScan On-Demand scan must be configured to scan boot sectors.

SYSTEM AND INFORMATION INTEGRITY

DTAM048 - McAfee VirusScan On-Demand scan must be configured to scan all files.

SYSTEM AND INFORMATION INTEGRITY

DTAM050 - McAfee VirusScan On-Demand scan must be configured so there are no exclusions from the scan unless exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.

SYSTEM AND INFORMATION INTEGRITY

DTAM052 - McAfee VirusScan On-Demand scan must be configured to scan inside archives.

SYSTEM AND INFORMATION INTEGRITY

DTAM053 - McAfee VirusScan On-Demand scan must be configured to decode MIME encoded files.

SYSTEM AND INFORMATION INTEGRITY

DTAM054 - McAfee VirusScan On-Demand scan must be configured to find unknown program threats.

SYSTEM AND INFORMATION INTEGRITY

DTAM055 - McAfee VirusScan On-Demand scan must be configured to find unknown macro threats.

SYSTEM AND INFORMATION INTEGRITY

DTAM056 - McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action.

SYSTEM AND INFORMATION INTEGRITY

DTAM057 - McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to delete files automatically if first action fails.

SYSTEM AND INFORMATION INTEGRITY

DTAM058 - McAfee VirusScan On-Demand scan must be configured to detect for unwanted programs.

SYSTEM AND INFORMATION INTEGRITY

DTAM059 - McAfee VirusScan On-Demand scan must be configured to record scanning activity in a log file.

SYSTEM AND INFORMATION INTEGRITY

DTAM060 - McAfee VirusScan On-Demand scan log file size must be restricted and be configured to at least 10MB - bLimitSize

SYSTEM AND INFORMATION INTEGRITY

DTAM060 - McAfee VirusScan On-Demand scan log file size must be restricted and be configured to at least 10MB - Max log file size

SYSTEM AND INFORMATION INTEGRITY

DTAM063 - McAfee VirusScan On-Demand scan must be configured to log any failure to scan encrypted files.

SYSTEM AND INFORMATION INTEGRITY

DTAM070 - McAfee VirusScan On-Demand scan must be scheduled to be executed at least on a weekly basis.

SYSTEM AND INFORMATION INTEGRITY

DTAM090 - McAfee VirusScan On-Access General Policies must be configured to enable scanning of scripts.

SYSTEM AND INFORMATION INTEGRITY

DTAM091 - McAfee VirusScan On-Access General Policies must be configured to block the connection when a threatened file is detected in a shared folder.

SYSTEM AND INFORMATION INTEGRITY

DTAM092 - McAfee VirusScan On-Access General Policies must be configured to unblock connections after a minimum of 30 minutes.

SYSTEM AND INFORMATION INTEGRITY

DTAM093 - McAfee VirusScan On-Access General Policies must be configured to block the connection when a file with a potentially unwanted program is detected in a shared folder.

SYSTEM AND INFORMATION INTEGRITY

DTAM100 - McAfee VirusScan On-Access Default Processes Policies must be configured to use only one scanning policy for all processes, unless the use of Low-Risk Processes/High-Risk Processes has been documented with, and approved by, the IAO/IAM.

SYSTEM AND INFORMATION INTEGRITY

DTAM101 - McAfee VirusScan On-Access Default Processes Policies must be configured to scan when writing to disk.

SYSTEM AND INFORMATION INTEGRITY

DTAM102 - McAfee VirusScan On-Access Default Processes Policies must be configured to scan when reading from disk.

SYSTEM AND INFORMATION INTEGRITY

DTAM103 - McAfee VirusScan On-Access Default Processes Policies must be configured to scan all files.

SYSTEM AND INFORMATION INTEGRITY