An error occurred:

Check: ENS-TP-000222

Trellix ENS 10.x STIG: ENS-TP-000222 (in versions v2 r14 through v2 r5)

Title

(U) The Trellix ENS Threat Prevention On-Demand Scan must be configured to scan boot sectors. (Cat II impact)

Discussion

(U) Boot sector viruses will install into the boot sector of a system, ensuring that they will execute when the user boots the system. This risk is mitigated by scanning boot sectors at each startup of the system.

Check Content

(U) Access the ePO server console. Select Menu >> Policy >> Policy Catalog From the "Product" list, select "Endpoint Security Threat Prevention". From the "Category" list, select "On-Demand Scan". Select each configured On-Demand Scan policy. Verify What to Scan >> "Boot sectors" is selected. If What to Scan >> "Boot sectors" is not selected, this is a finding.

Fix Text

(U) Access the ePO server console. Select Menu >> Policy >> Policy Catalog From the "Product" list, select "Endpoint Security Threat Prevention". From the "Category" list, select "On-Demand Scan". Select each configured On-Demand Scan policy. Select the What to Scan >> "Boot sectors" option. Click "Save".

Additional Identifiers

Rule ID: SV-228256r944485_rule

Vulnerability ID: V-228256

Group Title: SRG-APP-000277

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001241

The organization configures malicious code protection mechanisms to perform periodic scans of the information system on an organization-defined frequency.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SI-3

Malicious Code Protection