McAfee TSA00M005PAA Processor Guide - Page 125

Managing scan devices



Using the SaaS Vulnerability Scanning Service

• McAfee SECURE standard - Meets the website security vulnerabilities audit requirements mandated by HIPAA, GRAMM-LEACH-BLILEY, SARBANES-OXLEY, and other federal legislation. Used for the McAfee SECURE trustmark certification program.

Severity levels for vulnerabilities

Vulnerabilities can be assigned different levels of severity by the different standards. Because of this, it is possible for devices to be compliant with the McAfee SECURE standard but not the PCI standard, which has specific requirements developed for devices that process payment card data.

Security level: Description

5 (Urgent): Provide intruders with remote root or remote administrator capabilities. By exploiting these types of vulnerabilities, hackers can compromise the entire host. This category includes vulnerabilities that provide hackers full file-system read and write capabilities, and the ability for remote execution of commands as a root or administrator user. The presence of backdoors and Trojans also qualifies as an urgent vulnerability.

4 (Critical): Provide intruders with remote user capabilities, but not remote administrator or root user capabilities. Critical vulnerabilities give hackers partial access to file systems (for example, full read access without full write access). Vulnerabilities that expose highly sensitive information also qualify as critical vulnerabilities.

3 (High): Provide hackers with access to specific information stored on the host, including security settings. These vulnerabilities could result in potential misuse of the host by intruders. Examples include partial disclosure of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, susceptibility to denial of service (DoS) attacks, and unauthorized use of services (such as mail relaying).

2 (Medium): Expose some sensitive information from the host, such as precise versions of services. With this information, hackers could research potential attacks to try against a host.

1 (Low): Informational, such as open ports.

Manual and scheduled scans

You can run scans on demand (they are queued and completed within 24 hours of the time you configure them) or schedule them to occur daily, weekly, or monthly. Manual scans are available to test vulnerabilities identified in a previous scan that you have taken steps to resolve. These include non-invasive and “full exploit” scans.

If your subscription includes a certification program, you must comply with the scan frequency requirements of the program.

Managing scan devices

Use these tasks to set up and manage the devices on which you want to run vulnerability scans.

Tasks

• Discovering IP addresses in a domain on page 126
  The DNS Discovery tool identifies active IP addresses associated with a domain.
• Discovering IP addresses in a network on page 126
  The network discovery tool identifies which IP addresses within a network (a specified range of IP addresses) are active.

McAfee Total Protection Service Product Guide