DTAVSEL-205 – A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes.

Details

Failure of anti-virus signature updates will eventually render the software to be useless in protecting the Linux system from malware. Administration notification for failed updates, via SMTP, will ensure timely remediation of errors causing DATs to not be updated.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure Automatic Response to capture all required event descriptions and to send email notifications to the System Administrator(s).

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VSEL_1-9_2-0_Y20M04_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.

References

800-53|SI-3b.
CAT|II
CCI|CCI-001240
Rule-ID|SV-77559r2_rule
STIG-ID|DTAVSEL-205
Vuln-ID|V-63069

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles