From Tanium 6.5 Security Technical Implementation Guide
Part of SRG-APP-000328
Associated with: CCI-002165
By restricting access to the Tanium Client directory on managed clients, the Tanium client's ability to operate and function as designed will be protected from malicious attack and unintentional modifications by end users.
Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC. From the Dashboard, under "Client Service Hardening", click on "Control Service State Permissions". The results will show a "Count" of clients with restricted and non-restricted permissions for "Tanium Client Service". Non-compliant clients will have a count other than 0 for "Service Control is set to default permissions" or "Unknown Service Control Permissions. If there is a "Count" other than "0" for "Service Control is set to default permissions" or "Unknown Service Control Permissions", this is a finding.
Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC. From the Dashboard, under "Client Service Hardening", click on "Control Service State Permissions". The results will show a "Count" of clients' compliant and non-compliant hardening for the "Tanium Client Service". Non-compliant clients will have a count other than 0 for "Service Control is set to default permissions" or "Unknown Service Control Permissions. Select each of the ""Service Control is set to default permissions" or "Unknown Service Control Permissions." statuses, right-click and select "Deploy Action...." The "Deploy Action" dialog box will display "Client Service Hardening - Control Service State Permissions" as the package. The computer names comprising the "Count" of non-compliant systems will be displayed in the bottom. Click on "Target & Schedule". Configure the schedule for the requested action depending upon internal organizational procedures and policies for maintenance. Click on "Finish". Verify settings are correct. Click on the "Confirm..." button at the bottom of the screen which will respond with a dialog box "Your action has been scheduled. It can be viewed on the actions tab."
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer