Check: RHEL-07-032000
RHEL 7 STIG:
RHEL-07-032000
(in versions v3 r15 through v2 r1)
Title
The Red Hat Enterprise Linux operating system must use a virus scan program. (Cat I impact)
Discussion
Virus scanning software can be used to protect a system from penetration from computer viruses and to limit their spread through intermediate systems. The virus scanning software should be configured to perform scans dynamically on accessed files. If this capability is not available, the system must be configured to scan, at a minimum, all altered files on the system on a daily basis. If the system processes inbound SMTP mail, the virus scanner must be configured to scan all received mail.
Check Content
Verify an anti-virus solution is installed on the system. The anti-virus solution may be bundled with an approved host-based security solution. If there is no anti-virus solution installed on the system, this is a finding.
Fix Text
Install an antivirus solution on the system.
Additional Identifiers
Rule ID: SV-214801r991589_rule
Vulnerability ID: V-214801
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000366 |
Implement the security configuration settings. |
| CCI-001668 |
The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
Controls
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |