McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action.
Not scanning archive files introduces the risk of infected files being introduced into the environment. In addition, archives might have other archives within. Malware is often packaged within an archive. McAfee VirusScan On-Demand scan must be configured to scan inside archives. This risk is mitigated by scanning boot sectors at each startup.
McAfee VirusScan On-Access General Policies must be configured to scan boot sectors.īoot sector viruses will install into the boot sector of a system, ensuring that they will execute when the user boots the system.
When the MIME encoded file is presented to software that decodes the MIME encoded files, such.
Multipurpose Internet Mail Extensions (MIME) encoded files can be crafted to hide a malicious payload. McAfee VirusScan On-Demand scan must be configured to decode MIME encoded files. Floppy disks would be used to boot the computer and, if infected, would infect the. McAfee VirusScan On-Access General Policies must be configured to scan floppy during shutdown.Ĭomputer viruses in the early days of personal computing were almost exclusively passed around by floppy disks. Accordingly, awareness programs should include guidance to users on. "An effective awareness program explains proper rules of behavior for use of an organization's IT systems and information.
McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur. Routine log analysis is beneficial for identifying. Log management is essential to ensuring that computer security records are stored in sufficient detail for an appropriate period of time. McAfee VirusScan On-Demand scan must be configured to record scanning activity in a log file. Infected hosts may attempt to spread malware and will use every network path available to them when spreading that infection.
McAfee VirusScan On-Access General Policies must be configured to block the connection when a threatened file is detected in a shared folder.Ĭontainment during a virus outbreak is crucial. Within this subcategory, macro viruses take advantage of the capabilities of applications' macro programming language to infect application. Interpreted viruses are executed by an application. McAfee VirusScan On-Access General Policies must be configured to enable scanning of scripts. These files are made available to antivirus clients as they are published. The antivirus signature file age must not exceed 7 days.Īntivirus signature files are updated almost daily by antivirus software vendors. When the Prevent McAfee services from being stopped check box is selected under Access Protection, VSE will prevent anyone except the System account from terminating McAfee services. McAfee VirusScan Access Protection Policies must be configured to prevent McAfee services from being stopped.
Otherwise, the risk is greater for viruses, trojans, and other. McAfee VirusScan On-Access General Policies must be configured to enable on-access scanning at system startup.įor antivirus software to be effective, it must be running at all times, beginning from the point of the system's initial startup. Findings (MAC III - Administrative Sensitive) Finding ID