From Bromium Secure Platform 4.x Security Technical Implementation Guide
Part of SRG-APP-000295
Associated with: CCI-002361
Automatic session termination addresses the termination of user-initiated logical sessions in contrast to the termination of network connections that are associated with communications sessions (i.e., network disconnect). A logical session (for local, network, and remote access) is initiated whenever a user (or process acting on behalf of a user) accesses an organizational information system. Such user sessions can be terminated (and thus terminate user access) without terminating network sessions.
Review base policy to ensure that the micro-virtual machine (VM) will capture the malware manifest upon the detection of malicious activity. 1. Using the management console, navigate to "Policies" and select the base policy. 2. Navigate to "Security". 3. Navigate to and inspect the "Generate isolated threat malware manifests?" policy setting. If the Bromium vSentry client is not configured to automatically capture and forward payloads that were downloaded and determined to be malicious to the management console, this is a finding.
Modify the base policy to ensure that the micro-VM will terminate the user session upon the detection of malicious activity. 1. Using the management console, navigate to "Policies" and select the base policy. 2. Navigate to "Security". 3. Navigate to and enable the check box and radio button for the "Generate isolated threat malware manifests?" policy setting. 4. Click "Save and Deploy".
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer