UCF STIG Viewer Logo

The McAfee MOVE AV Common Options policy must be configured to enable self-protection.


Overview

Finding ID Version Rule ID IA Controls Severity
V-78515 MV45-COP-000004 SV-93221r1_rule High
Description
The self-protection feature defends files, services, and registry keys on virtual machines and will ensure uninterrupted protection. Self-protection on the McAfee MOVE SVM is provided by the SVM's VirusScan Enterprise Access Protection configuration. The self-protection feature is controlled by the IntegrityEnabled configuration parameter. By default, the parameter is set to "0x7", and all components of the feature are enabled.
STIG Date
McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide 2018-07-09

Details

Check Text ( C-78077r1_chk )
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus Common 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Under "Self-Protection", confirm "Enable Self-Protection" and "Enable Self-Protection for MOVE CLI" check boxes are both selected.

If either "Enable Self-Protection" or "Enable Self-Protection for MOVE CLI" check boxes are not selected, this is a finding.
Fix Text (F-85249r1_fix)
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus Common 4.5.0" from the Product list.

From the Category list, select "Options".

Select each configured Options policy.

Under "Self-Protection", select the "Enable Self-Protection" and "Enable Self-Protection for MOVE CLI" check boxes.

Click "Save".