Check: ENS-TP-000245
Trellix ENS 10.x STIG: ENS-TP-000245 (in versions v2 r14 through v2 r13)
Title
(U) The Trellix ENS Threat Prevention On-Demand Scan Global Threat Intelligence (GTI) sensitivity level must be configured. (Cat II impact)
Discussion
(U) The Trellix ENS Threat Prevention On-Demand Scan Global Threat Intelligence (GTI) sensitivity level must be configured.
Check Content
(U) NOTE: This requirement is Not Applicable on Classified/SIPRNet or otherwise closed networks.

Access the ePO server console.
From the ePO server console, select Menu >> Policy >> Policy Catalog.
From the "Product" list, select "Endpoint Security Threat Prevention".
From the "Category" list, select "On-Demand Scan".
Select each configured On-Demand Scan policy.
Verify Trellix GTI Sensitivity Level is set to Medium.

If the Trellix GTI Sensitivity Level is not set to Medium, this is a finding.
Fix Text
(U) From the ePO server console, select Menu >> Policy >> Policy Catalog.
From the "Product" list, select "Endpoint Security Threat Prevention".
From the "Category" list, select "On-Demand Scan".
Select each configured On-Demand Scan policy.
Set the Trellix GTI Sensitivity Level to Medium.
Click "Save".
Additional Identifiers
Rule ID: SV-230191r944509_rule
Vulnerability ID: V-230191
Group Title: SRG-APP-000278
CCIs
Number | Definition |
---|---|
CCI-001242 | The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy. |
Controls
Number | Title |
---|---|
SI-3 | Malicious Code Protection |