III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000328
Group -
The ability to uninstall the Tanium Client service must be disabled on all managed clients.
By default, end users have the ability to uninstall software on their clients. In the event the Tanium Client software is uninstalled, the Tanium Server is unable to manage the client and must rede...Rule Medium Severity -
SRG-APP-000328
Group -
The permissions on the Tanium Client directory must be restricted to only the SYSTEM account on all managed clients.
By restricting access to the Tanium Client directory on managed clients, the Tanium client's ability to operate and function as designed will be protected from malicious attack and unintentional mo...Rule Medium Severity -
SRG-APP-000516
Group -
Tanium endpoint files must be excluded from on-access antivirus actions.
Similar to any other host-based applications, the Tanium Client is subject to the restrictions other System-level software may place on an operating environment. That is to say that Antivirus, IPS,...Rule Medium Severity -
SRG-APP-000516
Group -
The Tanium Client Deployment Tool (CDT) must not be configured to use the psexec method of deployment.
When using the Tanium Client Deployment Tool (CDT), using psexec represents an increased vulnerability as the NTLM hash and clear text passwords of the authenticating user is exposed in the memory ...Rule Medium Severity -
SRG-APP-000516
Group -
Tanium endpoint files must be protected from file encryption actions.
Similar to any other host-based applications, the Tanium Client is subject to the restrictions other System-level software may place on an operating environment. That is to say that Antivirus, Encr...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.