FireEye - Greylists are enabled

Information

Greylists provide control over the priority of workorders for known IP addresses and URLs. Greylists contain files that contain either URLs or IP addresses and are used by the FireEye web analysis engine to check if the specified URLs or IP addresses contain a malicious rule match. NOTE: The Greylist page does not display in the Settings tab of the Web MPS GUI until the feature is enabled from the FireEye CLI.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Edit the configuration and modify this line:\n

web-analysis greylists enable

Item Details

Audit Name: TNS FireEye

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CSCv6|3.1

Plugin: FireEye

Control ID: f6242041c5e81a766421fe5244e94a8dd78ef4c1f134e66e28db22c1bf8aca44