Forescout must prohibit installation of software without explicit privileged permission by only authorized individuals.

An XCCDF Rule

Description

<VulnDiscussion>Allowing anyone to install software, without explicit privileges, creates the risk that untested or potentially malicious software will be installed on the system. This requirement applies to code changes and upgrades for all network devices.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-230946r1018753_rule
Severity: Medium
References: CCI-001812 CCI-003980
Updated: 20 days ago

Remove accounts that are not authorized. Do not remove the account of last resort. 

Compare users with the current SSP and ensure only the users that should have the privilege to update software have the Software Upgrade privilege selected.

1. From the menu, select Tools >> Options >> User Console and Options.
2. Select (highlight) the user profile to be reviewed (group or user) and then select Edit >> Permissions.3. Disable or delete unauthorized users.

Forescout must prohibit installation of software without explicit privileged permission by only authorized individuals.

Description

Remediation - Manual Procedure