Dec 22, 2023

Mar 7, 2023
Miscellaneous
- Metadata updated.
- References updated.

Dec 7, 2022

Apr 25, 2022
Miscellaneous
- Metadata updated.
- References updated.

Feb 1, 2021
Miscellaneous
- Metadata updated.
- References updated.

Sep 29, 2020

Jun 12, 2020

Apr 14, 2020
Miscellaneous
- Metadata updated.
- References updated.

Jan 29, 2019
Miscellaneous
- Metadata updated.
- References updated.

Dec 14, 2018
Functional Update
- FireEye - A scheduled system backup job is configured
- FireEye - AAA LDAP binding user should not be an admin
- FireEye - AAA failed logins are tracked
- FireEye - AAA is enabled
- FireEye - AAA lockout settings apply to the 'admin' user
- FireEye - AAA lockouts are enabled
- FireEye - AAA lockouts delay further attempts for at least 30 seconds
- FireEye - AAA lockouts occur after at most 5 failures
- FireEye - AAA tries local authentication first
- FireEye - AAA user mapping default
- FireEye - AAA user mapping source
- FireEye - Binary analysis AV-suite is enabled
- FireEye - Boot image must be signed
- FireEye - Boot manager password is set
- FireEye - CLI commands do not hide any settings from administrators
- FireEye - Configuration auditing logs the required number of changes
- FireEye - Custom SNORT rules are enabled
- FireEye - Email encryption certificates are verified
- FireEye - FENet patch updates are applied automatically
- FireEye - FENet security content updates are applied automatically
- FireEye - FireEye Web MPS version
- FireEye - Greylist URL list
- FireEye - Greylists are enabled
- FireEye - Guest images
- FireEye - IPMI is enabled
- FireEye - IPMI password needs to be set
- FireEye - IPMI should be connected to a restricted management network
- FireEye - Inline blocking mode configuration
- FireEye - Inline blocking network whitelists
- FireEye - Inline blocking signature policy exceptions
- FireEye - Interface configuration
- FireEye - LDAP encryption certificates are verified
- FireEye - LDAP requires encryption
- FireEye - List patches
- FireEye - Local logging level includes all errors and warnings
- FireEye - Local logging level is not overridden except by defaults
- FireEye - Local logging retention configuration
- FireEye - Login banner
- FireEye - Management interface is only accessible from specific IP ranges
- FireEye - NTP client is synchronized
- FireEye - NTP client uses a custom server
- FireEye - NTP is enabled
- FireEye - Remote syslog is enabled
- FireEye - Remote syslog logging level includes all errors and warnings
- FireEye - Reports are run on a schedule
- FireEye - SNMP is enabled
- FireEye - SNMP trap hosts that use community override use a secure community string
- FireEye - SNMP traps use a secure community string
- FireEye - SNMP uses a secure community string
- FireEye - SNMP v3 users have passwords
- FireEye - SNMP v3 uses AES instead of DES
- FireEye - SNMP v3 uses SHA instead of MD5
- FireEye - SSH connections must be SSHv2
- FireEye - SSH users are logged out after 15 minutes of inactivity or less
- FireEye - System events are emailed to administrators
- FireEye - TNS Best Practices FireEye Audit
- FireEye - The appliance uses a trusted DNS server
- FireEye - Time zone selection
- FireEye - USB media is not auto-mounted
- FireEye - User 'admin' SSH access is disabled
- FireEye - User connections are limited by subnet or VLAN
- FireEye - Usernames admin list
- FireEye - Usernames list
- FireEye - Web interface does not use the system self-signed certificate
- FireEye - Web users are logged out after 20 minutes of inactivity or less
- FireEye - Web-analysis incident list
- FireEye - Workorder stats
- FireEye - YARA policy applies both customer and FireEye rules
- FireEye - YARA rules are enabled
Informational Update
- FireEye - AAA LDAP binding user should not be an admin
- FireEye - AAA user mapping default
- FireEye - AAA user mapping source
- FireEye - FENet security content updates are applied automatically
- FireEye - Greylist URL list
- FireEye - Greylists are enabled
- FireEye - Guest images
- FireEye - IPMI password needs to be set
- FireEye - IPMI should be connected to a restricted management network
- FireEye - List patches
- FireEye - Local logging retention configuration
- FireEye - Login banner
- FireEye - NTP client uses a custom server
- FireEye - SNMP is enabled
- FireEye - User connections are limited by subnet or VLAN
- FireEye - Usernames list
- FireEye - Web-analysis incident list
- FireEye - Workorder stats
Miscellaneous
- Metadata updated.
- Platform check updated.
- References updated.
- Variables updated.
Removed
- FireEye appliance not found on target