The Tanium endpoint must have the Tanium Server's pki.db in its installation.

An XCCDF Rule

Description

<VulnDiscussion>Without cryptographic integrity protections in the Tanium Client, information could be altered by unauthorized users without detection. Cryptographic mechanisms used for protecting the integrity of Tanium communications information include signed hash functions using asymmetric cryptography, enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash. Satisfies: SRG-APP-000158</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-253805r960762_rule
Severity: Medium
References: CCI-000778 CCI-001453
Updated: 17 days ago

For systems that do not have a valid key for the Tanium Server, redeploy the client software from Tanium using Tanium Client Management or work with the Tanium system administrator to accomplish this.

1. Configure a deployment.

2. Deploy the package or installer.
3. Target appropriate systems.

The Tanium endpoint must have the Tanium Server's pki.db in its installation.

Description

Remediation - Manual Procedure