DTAM102 - McAfee VirusScan On-Access Default Processes Policies must be configured to scan when reading from disk.

Information

Antivirus software is the most commonly used technical control for malware threat mitigation. Real-time scanning of files as they are read from disk is a crucial first line of defense from malware attacks.

Solution

From the ePO server console System Tree, select the Systems tab, select the asset to be checked, select Actions, select Agent, and select Modify Policies on a Single System. From the product pull down list, select VirusScan Enterprise 8.8.0. Select from the Policy column the policy associated with the On-Access Default Processes Policies. Under the Scan Items tab, locate the 'Scan files:' label. Select the 'When reading from disk' option. Select Save.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VirusScan88_Managed_Client_V6R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.1., CAT|II, CCI|CCI-001242, Rule-ID|SV-216933r397870_rule, STIG-ID|DTAM102, STIG-Legacy|SV-55225, STIG-Legacy|V-14624, Vuln-ID|V-216933

Plugin: Windows

Control ID: f30b1c4fddde21e941211a40266dd6a507b0fe7f3ddaf126ffb7baccef8e0f1b