McAfee TSA00M005PAA Processor Guide - Page 125
Managing scan devices
UPC - 731944556253
View all McAfee TSA00M005PAA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 125 highlights
Using the SaaS Vulnerability Scanning Service Managing scan devices • M cAfee SECURE standard - Meets the website security vulnerabilities audit requirements mandated by HIPAA, GRAMM-LEACH-BILEY, SARBANES-OXLEY, and other federal legislation. Used for the McAfee SECURE trustmark certification program. Severity levels for vulnerabilities Vulnerabilities can be assigned different levels of severity by the different standards. Because of this, it is possible for devices to be compliant with the McAfee SECURE standard but not the PCI standard, which has specific requirements developed for devices that process payment card data. Security level 5 (Urgent) 4 (Critical) 3 (High) 2 (Medium) 1 (Low) Description Provide intruders with remote root or remote administrator capabilities. By exploiting these types of vulnerabilities, hackers can compromise the entire host. This category includes vulnerabilities that provide hackers full file-system read and write capabilities, and the ability for remote execution of commands as a root or administrator user. The presence of backdoors and Trojans also qualifies as an urgent vulnerability. Provide intruders with remote user capabilities, but not remote administrator or root user capabilities. Critical vulnerabilities give hackers partial access to file systems (for example, full read access without full write access). Vulnerabilities that expose highly sensitive information also qualify as critical vulnerabilities Provide hackers with access to specific information stored on the host, including security settings. These vulnerabilities could result in potential misuse of the host by intruders. Examples include partial disclosure of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, susceptibility to denial of service (DoS) attacks, and unauthorized use of services (such as mail relaying). Expose some sensitive information from the host, such as precise versions of services. With this information, hackers could research potential attacks to try against a host. Informational, such as open ports. Manual and scheduled scans You can run scans on demand (they are queued and completed within 24 hours of the time you configure them) or schedule them to occur daily, weekly, or monthly. Manual scans are available to test vulnerabilities identified in a previous scan that you have taken steps to resolve. These include non-invasive and "full exploit" scans. If your subscription includes a certification program, you must comply with the scan frequency requirements of the program. Managing scan devices Use these tasks to set up and manage the devices on which you want to run vulnerability scans. Tasks • D iscovering IP addresses in a domain on page 126 The DNS Discovery tool identifies active IP addresses associated with a domain. • D iscovering IP addresses in a network on page 126 The network discovery tool identifies which IP addresses within a network (a specified range of IP addresses) are active. 125 McAfee Total Protection Service Product Guide