II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000442
<GroupDescription></GroupDescription>Group -
Any Tanium configured EMAIL RESULTS connectors must be configured to enable TLS/SSL to encrypt communications.
<VulnDiscussion>Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission including,...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
Tanium Server files must be excluded from on-access antivirus actions.
<VulnDiscussion>Similar to any other host-based applications, the Tanium Server is subject to the restrictions other System-level software ma...Rule Medium Severity -
SRG-APP-000068
<GroupDescription></GroupDescription>Group -
The Tanium Server console must be configured to display the Standard Mandatory DoD Notice and Consent Banner before granting access to The Tanium Server.
<VulnDiscussion>Display of the DoD-approved use notification before granting access to the application ensures privacy and security notificat...Rule Medium Severity -
SRG-APP-000069
<GroupDescription></GroupDescription>Group -
The Tanium Server console must be configured to retain the Standard Mandatory DoD Notice and Consent Banner on the screen until users acknowledge the usage conditions and take explicit actions to log on for further access.
<VulnDiscussion>The banner must be acknowledged by the user prior to allowing the user access to the application. This provides assurance tha...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
Tanium Server files must be protected from file encryption actions.
<VulnDiscussion>Similar to any other host-based applications, the Tanium Server is subject to the restrictions other System-level software ma...Rule Medium Severity -
SRG-APP-000001
<GroupDescription></GroupDescription>Group -
The Tanium max_soap_sessions_total setting must be explicitly enabled to limit the number of simultaneous sessions.
<VulnDiscussion>Application management includes the ability to control the number of users and user sessions that utilize an application. Lim...Rule Medium Severity -
SRG-APP-000001
<GroupDescription></GroupDescription>Group -
The Tanium max_soap_sessions_per_user setting must be explicitly enabled to limit the number of simultaneous sessions.
<VulnDiscussion>Application management includes the ability to control the number of users and user sessions that utilize an application. Lim...Rule Medium Severity -
SRG-APP-000039
<GroupDescription></GroupDescription>Group -
The Tanium documentation identifying recognized and trusted folders for IOC Detect Folder streams must be maintained.
<VulnDiscussion>An IOC stream is a series or "stream" of IOCs that are imported from a vendor based on a subscription service or manually dow...Rule Medium Severity -
SRG-APP-000039
<GroupDescription></GroupDescription>Group -
The Tanium IOC Detect Folder streams must be configured to restrict access to only authorized maintainers of IOCs.
<VulnDiscussion>An IOC stream is a series or "stream" of IOCs that are imported from a vendor based on a subscription service or manually dow...Rule Medium Severity -
SRG-APP-000039
<GroupDescription></GroupDescription>Group -
The Tanium documentation identifying recognized and trusted SCAP feeds must be maintained.
<VulnDiscussion>NIST validated SCAP XML documents are provided from several possible sources such as DISA, NIST, and the other non-government...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.