III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000386
<GroupDescription></GroupDescription>Group -
A Trellix Application Control written policy must be documented to outline the organization-specific variables for application whitelisting.
<VulnDiscussion>Enabling application whitelisting without adequate design and organization-specific requirements will either result in an imp...Rule Medium Severity -
SRG-APP-000165
<GroupDescription></GroupDescription>Group -
The use of a Solidcore 8.x local Command Line Interface (CLI) Access Password must be documented in the organizations written policy.
<VulnDiscussion>The Solidcore client can be configured locally at the CLI, but only when accessed with the required password. Since the Trel...Rule Medium Severity -
SRG-APP-000169
<GroupDescription></GroupDescription>Group -
The Solidcore client Command Line Interface (CLI) Access password complexity requirements must be documented in the organizations written policy.
<VulnDiscussion>The Solidcore client can be configured locally at the CLI, but only when accessed with the required password. The misuse of ...Rule Medium Severity -
SRG-APP-000172
<GroupDescription></GroupDescription>Group -
The Solidcore client Command Line Interface (CLI) Access Password protection process must be documented in the organizations written policy.
<VulnDiscussion>The Solidcore client can be configured locally at the CLI, but only when accessed with the required password. Since the Trel...Rule Medium Severity -
SRG-APP-000174
<GroupDescription></GroupDescription>Group -
The requirement for scheduled Solidcore client Command Line Interface (CLI) Access Password changes must be documented in the organizations written policy.
<VulnDiscussion>The Solidcore client can be configured locally at the CLI, but only when accessed with the required password. The misuse of ...Rule Medium Severity -
SRG-APP-000397
<GroupDescription></GroupDescription>Group -
The process by which the Solidcore client Command Line Interface (CLI) Access Password is made available to administrators when needed must be documented in the organizations written policy.
<VulnDiscussion>The Solidcore client can be configured locally at the CLI, but only when accessed with the required password. Since the Trel...Rule Medium Severity -
SRG-APP-000276
<GroupDescription></GroupDescription>Group -
The Trellix Application Control Options Advanced Threat Defense (ATD) settings, if being used, must be confined to the organizations enclave.
<VulnDiscussion>Data will be leaving the endpoint to be analyzed by the ATD. Because data could feasibly be intercepted en route, risk of out...Rule Medium Severity -
SRG-APP-000386
<GroupDescription></GroupDescription>Group -
The configuration of features under Trellix Application Control Options policies Enforce feature control must be documented in the organizations written policy.
<VulnDiscussion>By default, the Trellix Application Control prevents installation of ActiveX controls on endpoints, enforces memory protectio...Rule Medium Severity -
SRG-APP-000386
<GroupDescription></GroupDescription>Group -
The organizations written policy must include a process for how whitelisted applications are deemed to be allowed.
<VulnDiscussion>Enabling application whitelisting without adequate design and organization-specific requirements will either result in an imp...Rule Medium Severity -
SRG-APP-000386
<GroupDescription></GroupDescription>Group -
The organizations written policy must include procedures for how often the whitelist of allowed applications is reviewed.
<VulnDiscussion>Enabling application whitelisting without adequate design and organization-specific requirements will either result in an imp...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.