From Tanium 7.0 Security Technical Implementation Guide
Part of SRG-APP-000033
Associated with: CCI-000213
The Tanium Action Approval feature provides a "four eyes" control mechanism designed to achieve a high level of security and reduce the possibility of error for critical operations.
Using a web browser on a system that has connectivity to Tanium, access the Tanium web user interface (UI) and log on with CAC. Click on the navigation button (hamburger menu) on the top left of the console. Click on "Administration". Select the "Global Settings" tab. In the "Show Settings Containing:" search box type "require_action_approval". Click "Enter". If no results are returned, this is a finding. If results are returned for "require_action_approval", but the value is not "1", this is a finding.
Using a web browser on a system that has connectivity to Tanium, access the Tanium web UI and log on with CAC. Click on the navigation button (hamburger menu) on the top left of the console and then click on "Administration". Select the "Global Settings" tab. If "require_action_approval" does not exist: click on "New Setting". In "New System Setting" dialog box, enter "require_action_approval" for "Setting Name:". Enter "1" for "Setting Value:". Select "Server" from "Affects" drop-down list. Select "Numeric" from "Value Type" drop-down list. Click "Save". If "require_action_approval" does exist but is not set to a value of "1": Click on "require_action_approval". In the right pane click "Edit". Set the "Setting Value" to "1". Click "Save".
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer