{"description": "Install McAfee VirusScan Enterprise for Linux antivirus software\nwhich is provided for systems and uses signatures to search for the\npresence of viruses on the filesystem.", "rationale": "Virus scanning software can be used to detect if a system has been compromised by\ncomputer viruses, as well as to limit their spread to other systems.", "severity": "high", "references": {"cis-csc": ["12", "13", "14", "4", "7", "8"], "cobit5": ["APO01.06", "APO13.02", "BAI02.01", "BAI06.01", "DSS04.07", "DSS05.01", "DSS05.02", "DSS05.03", "DSS06.06"], "isa-62443-2009": ["4.3.4.3.8", "4.4.3.2"], "isa-62443-2013": ["SR 3.2", "SR 3.3", "SR 3.4", "SR 4.1"], "iso27001-2013": ["A.12.2.1", "A.14.2.8", "A.8.2.3"], "nist": ["CM-6(a)", "SC-28", "SI-3(a)"], "nist-csf": ["DE.CM-4", "DE.DP-3", "PR.DS-1"], "srg": ["SRG-OS-000480-GPOS-00227"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "virus scanning software is not installed or running", "ocil": "To verify that McAfee VirusScan Enterprise for Linux is installed\nand running, run the following command(s):\n<pre>$ sudo systemctl status nails</pre>\n<pre>$ rpm -q McAfeeVSEForLinux</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [{"general": "Due to McAfee HIPS being 3rd party software, automated\nremediation is not available for this configuration check."}], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Install McAfee Virus Scanning Software", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml", "template": null}