DTAM090 - McAfee VirusScan On-Access General Policies must be configured to enable scanning of scripts.

Information

Interpreted viruses are executed by an application. Within this subcategory, macro viruses take advantage of the capabilities of applications' macro programming language to infect application documents and document templates, while scripting viruses infect scripts that are understood by scripting languages processed by services on the OS. Many attackers use toolkits containing several different types of utilities and scripts that can be used to probe and attack hosts. (NIST SP 800-83) The scanning of scripts is crucial in preventing these attacks.

Solution

From the ePO server console System Tree, select the Systems tab, select the asset to be checked, select Actions, select Agent, and select Modify Policies on a Single System. From the product pull down list, select VirusScan Enterprise 8.8.0. Select from the Policy column the policy associated with the On-Access General Policies. Under the ScriptScan tab, locate the 'ScriptScan:' label. Select the 'Enable scanning of scripts' option. Select Save.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VirusScan88_Managed_Client_V6R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.1., CAT|II, CCI|CCI-001242, Rule-ID|SV-216927r397870_rule, STIG-ID|DTAM090, STIG-Legacy|SV-55214, STIG-Legacy|V-14618, Vuln-ID|V-216927

Plugin: Windows

Control ID: 27a99b664b55453ea356cc58e75f976bad93c8ff931f6d43348742d310faadd4