Details
Only boot images signed with a trusted signature should be allowed, otherwise the appliance may run malicious or unknown code. Normally boot images are downloaded directly from FireEye but offline update mechanisms are possible.
Solution
Edit the configuration and add this line:n
image options require-sig
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system FireEye.