Mcafee Pacc 600 Product Guide En-Us


McAfee Policy Auditor Content Creator 6.0.0
Product Guide
COPYRIGHT
Copyright 2011 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form
or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.
TRADEMARK ATTRIBUTIONS
AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE
SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL
PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other
countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks
herein are the sole property of their respective owners.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU
PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU
DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE
GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED
SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE
FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE
AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF
PURCHASE FOR A FULL REFUND.
McAfee Policy Auditor Content Creator 6.0.0 software Product Guide 2
Contents
Introducing McAfee Policy Auditor Content Creator
    Audience
    Conventions
    Finding product documentation
Installing McAfee Policy Auditor Content Creator
    Things to know before installation
    Software and hardware requirements and recommendations
    Standalone installation options
    Install McAfee Policy Auditor Content Creator
        Install standalone version of software
        Install as a deployable package in the Master Repository
Managing templates, benchmarks, groups, and checks
    Create benchmarks
    Create benchmark templates
    Create groups
    Export benchmarks
    Export checks
    Create a benchmark from a template
Creating a benchmark
    Planning your benchmark
    The file permission browser and how it works
    Create a Windows File Permission check
Introducing McAfee Policy Auditor Content Creator
McAfee Policy Auditor Content Creator is designed to supplement the McAfee-supplied
benchmarks and checks with auditing rules that are specific to your organization. With its
simplified user interface, this tool can be used to create supplemental benchmarks and checks
without any knowledge of XCCDF or OVAL. You can export the benchmark or checks in XCCDF
or OVAL format and then import them into the McAfee Benchmark Editor or check editor for
use in audits.
Contents
Audience
Conventions
Finding product documentation
Audience
McAfee Policy Auditor Content Creator documentation is carefully researched and written for
the target audience.
The information in this guide is intended primarily for:
Administrators: People who implement and enforce the company's security program.
Users: People who are responsible for configuring the product options on their system,
or for updating the product on their systems.
Conventions
This guide uses the following typographical conventions.
Book title or Emphasis: Title of a book, chapter, or topic; introduction of a new term; emphasis.
Bold: Text that is strongly emphasized.
User input or Path: Commands and other text that the user types; the path of a folder or program.
Code: A code sample.
User interface: Words in the user interface including options, menus, buttons, and dialog boxes.
Hypertext blue: A live link to a topic or to a website.
Note: Additional information, like an alternate method of accessing an option.
Tip: Suggestions and recommendations.
Important/Caution: Valuable advice to protect your computer system, software installation,
network, business, or data.
Warning: Critical advice to prevent bodily harm when using a hardware product.
Finding product documentation
McAfee provides the information you need during each phase of product implementation, from
installing to using and troubleshooting. After a product is released, information about the product
is entered into the McAfee online KnowledgeBase.
1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com.
2 Under Self Service, access the type of information you need:
To access User Documentation, do this:
    1 Click Product Documentation.
    2 Select a Product, then select a Version.
    3 Select a product document.
To access KnowledgeBase, do this:
    Click Search the KnowledgeBase for answers to your product questions.
    Click Browse the KnowledgeBase for articles listed by product and version.
Installing McAfee Policy Auditor Content Creator
You can install McAfee Policy Auditor Content Creator as standalone software on supported
Windows systems or as a deployable package in the Master Repository of ePolicy Orchestrator
software version 4.5 or 4.6.
Contents
Things to know before installation
Software and hardware requirements and recommendations
Standalone installation options
Install McAfee Policy Auditor Content Creator
Things to know before installation
Be sure that you have read, understood, and complied with the requirements detailed in Software
and hardware requirements before you begin the installation.
You should have the following information available during the installation:
Windows authentication credentials: You must provide credentials for a domain
administrator user account.
A destination folder for the software installation (required for Custom installations).
Software and hardware requirements and recommendations
McAfee Policy Auditor Content Creator runs on supported Windows operating systems that
meet the software and hardware requirements.
Supported Windows operating systems
The standalone installation of McAfee Policy Auditor Content Creator supports the following
operating systems:
X64 support X86 support Operating system
X Windows 2000
X X Windows 7
X X Windows Server 2003 Enterprise Edition
X X Windows Server 2003 R2 Enterprise Edition
X X Windows Server 2003 R2 Standard Edition
X X Windows Server 2003 Standard Edition
X X Windows Server 2003 Web Edition
X X Windows Server 2008
X X Windows Vista
X X Windows XP Home
X X Windows XP Professional
Hardware and network requirements for Windows systems
These are the minimum requirements for McAfee Policy Auditor Content Creator support on
Windows systems:
Component | Requirements
Processor | Intel Pentium-class, Celeron, or compatible processor; 166 MHz processor or higher.
Free disk space for agent plug-in (optional) | 300 MB.
Free disk space for other McAfee components | Sufficient disk space on client computers for each McAfee product that has been installed. For more information, see the corresponding product documentation.
Free Memory | 20 MB RAM.
Network environment | Microsoft or Novell NetWare networks. NetWare networks require TCP/IP.
Network interface card (NIC) | 10 Mbps or higher.
Software requirements and recommendations
Make sure you have the required and recommended software installed on your server system
before installing McAfee Policy Auditor Content Creator.
Software | Requirements and recommendations
Microsoft updates | Recommended. Make sure your Microsoft software is running the latest updates.
Standalone installation options
There are two options for the standalone installation of McAfee Policy Auditor Content Creator
on supported Windows systems. Each option walks you through the installation process using
the InstallShield Wizard.
Use the following table to determine which option is right for your environment.
Installation option | Details
Express | The most direct installation path. Use this option if you want to accept McAfee's default installation settings.
Custom | Customize your installation. Use this option when you want to specify the destination folder where the software is installed (C:\Program Files\McAfee\Policy Auditor Content Creator by default).
Install McAfee Policy Auditor Content Creator
Install McAfee Policy Auditor Content Creator as standalone software on supported Windows
systems or as a deployable package in the Master Repository.
Tasks
Install standalone version of software
Install as a deployable package in the Master Repository
Install standalone version of software
You can install a standalone version of McAfee Policy Auditor Content Creator by downloading
the software and running the InstallShield Wizard.
Before you begin
You must have local administrator account permissions to install the software.
Task
For option definitions, click ? in the interface.
1 Log on to the desired system using an account with local administrator permissions.
2 Download the product zip file from the McAfee download site and unzip the file to a
convenient location.
3 Double-click PACCSetup.exe. The InstallShield Wizard opens.
4 In the Welcome window of the installation wizard, click Next.
5 Accept the License Agreement, then click Next.
6 Choose whether you want an Express or a Custom installation, then click Next.
    Express: Accept the default installation folder.
    Custom: Specify a custom destination location for the software. When the Change
    Current Destination Folder window opens, browse to your desired destination and create
    any new folders if needed. When finished, click OK.
7 In the Ready to Install the Program dialog box, click Install to begin the installation.
8 In the InstallShield Wizard Completed dialog box, click Finish to complete the installation.
Install as a deployable package in the Master Repository
You can install the software as a deployable package in the Master Repository on
ePolicy Orchestrator software version 4.5 or 4.6 systems.
After you have checked in the package, you can deploy it to a managed endpoint system. The
endpoint system does not have to have the McAfee Policy Auditor agent plug-in installed on it.
See the ePolicy Orchestrator software documentation for information on deploying the software
package to a managed system using the Product Deployment Task.
Task
For option definitions, click ? in the interface.
1 Download the product zip file from the McAfee download site.
2 Click Menu | Software | Master Repository, then click Actions | Check in Package. The
Check in Package wizard opens.
3 Select the Product or Update (.ZIP) package type, then browse to and select the desired
package file.
    Package info: Confirm this is the correct package.
    Branch: Select the desired branch. If there are requirements in your environment to
    test new packages before deploying them throughout the production environment,
    McAfee recommends using the Evaluation branch whenever checking in packages.
    Once you finish testing the packages, you can move them to the Current branch by
    clicking Menu | Software | Master Repository.
    Options: Select whether to:
        Move the existing package to the Previous branch: When selected, moves
        packages in the master repository from the Current branch to the Previous branch
        when a newer package of the same type is checked in. Available only when you
        select Current in Branch.
    Package signing: Specifies if the package is signed by McAfee or is a third-party
    package.
4 Click Save to begin checking in the package, then wait while the package is checked in.
The McAfee Policy Auditor Content Creator software appears in the Packages in Master
Repository list on the Master Repository tab.
Managing templates, benchmarks, groups, and checks
You can quickly create benchmarks that contain groups, subgroups, and rules. You can use
the software without having to learn the Extensible Configuration Checklist Description Format
(XCCDF) or Open Vulnerability and Assessment Language (OVAL) languages.
Contents
Create benchmarks
Create benchmark templates
Create groups
Export benchmarks
Export checks
Create a benchmark from a template
Create benchmarks
You can create benchmarks in McAfee Policy Auditor Content Creator for use in audits.
Benchmarks are documents containing an organized set of rules describing the desired state
of a system. A benchmark is the core component of an audit and can be used by McAfee Policy
Auditor as well as other McAfee and third-party products.
This task describes how to create an empty benchmark. See Creating a benchmark to learn
the principles of creating a benchmark containing a group and a check.
Task
1 From the McAfee Policy Auditor Content Creator interface, click File | New.
2 Select the new benchmark in the left pane. In the right pane, provide information about the
benchmark.
    Title: Enter a meaningful title.
    Description: Describe the design and purpose of the benchmark.
    Applicable platforms: Select one or more platforms to designate the operating
    systems that will run the audit containing the benchmark. McAfee Policy Auditor ignores
    the benchmark on platforms that are not selected.
    TIP: Generalize the applicable platforms if the benchmark will run on more than one
    operating system. For example, if you have different rules for Windows 7, Windows XP,
    and Windows 2008 server, set the benchmark's applicable platform to Microsoft Windows.
    Default OVAL namespace: Leave the default namespace, which is the name of the
    system where the benchmark is created, or change it to reflect a different system.
3 Click File | Save and specify a filename for the benchmark. The software uses the .bme
extension for its files.
Create benchmark templates
Use benchmark templates to create benchmarks based on the same design. For example, you
can use a benchmark template to create a benchmark to determine the SHA1 hash for a file
on Windows XP systems and another benchmark to determine the SHA1 hash for a file on AIX
systems.
Task
1 From an open benchmark file, click File | Save. The Save As dialog box opens.
2 Navigate to the folder where you want to save the file, enter a file name, and click Save.
You can use this benchmark as a template for creating and saving other benchmarks.
Create groups
Groups are containers that help you organize checks in benchmarks. You can create groups
and apply them to platforms. You can also create subgroups, which are nested groups.
Task
1 Create a benchmark and select it in the left pane.
2 From the right pane, click New Group.
3 Select the new group in the left pane. In the right pane, specify information about the group.
    Title: Provide a meaningful title.
    Description: Describe the purpose of the group.
    Applicable platforms: Select one or more platforms to designate the operating
    systems that will run the audit containing the benchmark group. McAfee Policy Auditor
    ignores the benchmark on platforms that are not selected.
Export benchmarks
You can export benchmarks and the checks they contain. These can be imported into
McAfee Benchmark Editor for use in McAfee Policy Auditor audits.
The software exports benchmarks as XCCDF documents embedded in a single archive (ZIP)
file.
Task
1 From an open benchmark file, click File | Export to XCCDF. The Save As dialog box
opens.
2 Navigate to the folder where you want to save the file, enter a file name, and click Save.
Export checks
You can export checks in the OVAL file format. These can be imported into McAfee Benchmark
Editor.
Task
1 From an open benchmark file, select a check.
2 From the right pane, click Export as OVAL definition. The Save As dialog box opens.
3 Navigate to the folder where you want to save the file, enter a file name, and click Save.
Create a benchmark from a template
You can create a benchmark from a benchmark template supplied by McAfee. You can also
create a benchmark from your own template by opening a .bme file.
McAfee plans to provide more templates in future releases of the software.
Task
1 From the McAfee Policy Auditor Content Creator interface, click File | New from template,
then select the template. A benchmark based on the template appears.
2 Make changes as needed, then export the template to an XCCDF file.
Creating a benchmark
This example shows how to create a benchmark containing a group and a rule, using the
Windows File Permission rule as an example. The principles apply to creating any rule with
McAfee Policy Auditor Content Creator.
Contents
Planning your benchmark
The file permission browser and how it works
Create a Windows File Permission check
Planning your benchmark
Creating a benchmark using McAfee Policy Auditor Content Creator requires planning and
consideration with regard to structure and configuration.
How you set up your benchmark structure, and how much configuration you need to perform,
depends on the unique needs of the systems you audit. Considering these areas in advance can
reduce the time it takes to create a benchmark.
Platform inheritance
Understanding platform inheritance can help you create more efficient benchmarks. Groups
inherit the platform from the benchmark, and rules inherit the platform from the group. If you do
not assign a platform to a group, the rule inherits the platform from the benchmark.
When creating a benchmark with a group and a rule, start with the broadest platform and
progress to the narrowest platform. For example:
1 Create a benchmark and set the applicable platform to Windows.
2 Create a group and set the applicable platform to Windows 7.
3 Create two rules inside the Windows 7 group: one applies to Windows 7 x64 and the other
applies to Windows 7 x86.
If you do not go from broad to narrow or the inheritance logic is incorrect, the audit will not
function correctly. If you have a group with an applicable platform of Windows 7 and a rule inside
the group with an applicable platform of Windows 2000, the rule will not return results when the
audit is run because Windows 2000 is not a Windows 7 platform.
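The broad-to-narrow rule can be checked mechanically before a benchmark is exported. The following Python code is an added example, not part of the McAfee guide or product: the platform tree, the dictionary layout of the benchmark, and the function names are assumptions made for illustration.

```python
# Added example (not McAfee code): lint platform inheritance in a benchmark tree.
# PLATFORM_PARENT is an assumed hierarchy built from platform names in this guide.
PLATFORM_PARENT = {
    "Windows": None,
    "Windows 2000": "Windows",
    "Windows XP": "Windows",
    "Windows 7": "Windows",
    "Windows 7 x86": "Windows 7",
    "Windows 7 x64": "Windows 7",
}


def is_within(platform, ancestor):
    """Return True if platform is the same as, or narrower than, ancestor."""
    while platform is not None:
        if platform == ancestor:
            return True
        platform = PLATFORM_PARENT.get(platform)  # unknown names end the walk
    return False


def effective(node, inherited):
    """A node with no platforms of its own inherits its parent's platforms."""
    return node.get("platforms") or inherited


def lint_benchmark(benchmark):
    """Return (kind, title, platform, parent_platforms) for every platform
    that falls outside the platforms of its parent."""
    findings = []
    bench_platforms = benchmark["platforms"]
    for group in benchmark["groups"]:
        group_platforms = effective(group, bench_platforms)
        for p in group_platforms:
            if not any(is_within(p, a) for a in bench_platforms):
                findings.append(("group", group["title"], p, bench_platforms))
        for rule in group["rules"]:
            for p in effective(rule, group_platforms):
                if not any(is_within(p, a) for a in group_platforms):
                    findings.append(("rule", rule["title"], p, group_platforms))
    return findings


# Constructed sample benchmark mirroring the example in the text.
SAMPLE = {
    "title": "File permission baseline",
    "platforms": ["Windows"],
    "groups": [
        {"title": "Windows 7 checks", "platforms": ["Windows 7"], "rules": [
            {"title": "System32 ACL (x64)", "platforms": ["Windows 7 x64"]},
            {"title": "System32 ACL (x86)", "platforms": ["Windows 7 x86"]},
            # Will never return results: Windows 2000 is not a Windows 7 platform.
            {"title": "Legacy ACL", "platforms": ["Windows 2000"]},
        ]},
        # No platform on the group, so its rules are checked against the benchmark.
        {"title": "Unscoped checks", "rules": [
            {"title": "Legacy ACL (unscoped group)", "platforms": ["Windows 2000"]},
            {"title": "Inherits everything"},
        ]},
    ],
}

if __name__ == "__main__":
    for kind, title, platform, parents in lint_benchmark(SAMPLE):
        print(f"{kind} '{title}': {platform} is outside {parents}")
```

Only the Windows 2000 rule inside the Windows 7 group is reported; the same rule under the group with no platform passes because it is compared against the benchmark's platform.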
Rule parameters
The interface shows you the parameters that you need to provide. You might need to provide
information for items in the left pane that are black and you must provide information for the
items that are red.
Using the Windows File Permission check as an example, you must provide information for the
red parameters:
Folder
File permission set
Pass if the file or folder does not exist
The rule can determine the permission set for a file or a folder. The File name parameter appears
black in the left pane. If you want to check folder permission sets, you do not need to provide
information for the parameter. If you want to check file permission sets, you must provide the
name of the file.
Populating input values from the system
You can create a Gold Standard check by populating certain parameter values with information
from the system running McAfee Policy Auditor Content Creator.
To populate parameter values with system information, you must manually configure the check with
enough information to find the values that it needs. Using the Windows File Permission check
as an example, you must provide information for these parameters first:
Folder
File name (not necessary if you are checking folder permissions)
Pass if the file or folder does not exist
Once you provide this information, select the check in the left pane and click Populate input
values from the system in the right pane. The software imports the permission sets from
the selected file or folder.
The file permission browser and how it works
The file permission browser is used by the file category permission check. It allows you to add
trustees and select file permissions for the trustees. The permission check determines the
trustees and file permissions on an audited system and compares the values with the check.
The permission browser shows one or more rows of trustees and their file permissions. Each
row can contain one or more trustees. The permissions for each row of trustees show a series
of one-letter abbreviations that correspond to file permissions. You can add multiple rows and
assign permissions to the trustees in each row.
Trustees
Trustees are users or groups. When you select a row and click Select Trustees, the Trustee
Browser dialog box appears and shows a list of common trustees. You can also add your own
trustees by specifying their name or security identifier (SID).
This is the list of trustees shown in the Trustee Browser:
Administrators
Authenticated Users
Backup Operators
BATCH
CREATOR OWNER
Everyone
Guests
INTERACTIVE
LOCAL SERVICE
Network Configuration Operators
NETWORK SERVICE
Performance Log Users
Performance Monitor Users
Power Users
SERVICE
SYSTEM
TERMINAL SERVER USER
Users
Permissions
Permissions are rules associated with a file. When you select a row and click Select
Permissions, the Permissions browser appears and shows the permissions associated with
the file. You can select permissions or use the checkboxes to select groups of permissions.
Change Permissions
Create Files / Write Data
Create Folders / Append Data
Delete
Delete Subfolders and Files
List Folder / Read Data
Take Ownership
Read Attributes
Read Extended Attributes
Read Permissions
Synchronize
Traverse Folder / Execute File
Write Attributes
Write Extended Attributes
Abbreviations for permissions
The permissions for each row of trustees are represented by a series of one-letter abbreviations.
P Change Permissions
W Create Files / Write Data
A Create Folders / Append Data
D Delete
U Delete Subfolders and Files
R List Folder / Read Data
O Take Ownership
Q Read Attributes
N Read Extended Attributes
E Read Permissions
- Synchronize
X Traverse Folder / Execute File
T Write Attributes
B Write Extended Attributes
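The abbreviation table can be turned into a comparison routine of the kind the permission check performs. This Python code is an added example, not the product's implementation: the mask values are the standard Windows file access-right constants paired with the guide's permission names, and the exact-match comparison, the row layout, and the sample data are assumptions.

```python
# Added example (not McAfee code): decode the one-letter permission
# abbreviations and compare expected trustee rows with observed permissions.

# Letter -> (name shown in the Permissions browser, Windows access-mask bit).
ABBREVIATIONS = {
    "P": ("Change Permissions", 0x00040000),             # WRITE_DAC
    "W": ("Create Files / Write Data", 0x00000002),      # FILE_WRITE_DATA
    "A": ("Create Folders / Append Data", 0x00000004),   # FILE_APPEND_DATA
    "D": ("Delete", 0x00010000),                         # DELETE
    "U": ("Delete Subfolders and Files", 0x00000040),    # FILE_DELETE_CHILD
    "R": ("List Folder / Read Data", 0x00000001),        # FILE_READ_DATA
    "O": ("Take Ownership", 0x00080000),                 # WRITE_OWNER
    "Q": ("Read Attributes", 0x00000080),                # FILE_READ_ATTRIBUTES
    "N": ("Read Extended Attributes", 0x00000008),       # FILE_READ_EA
    "E": ("Read Permissions", 0x00020000),               # READ_CONTROL
    "-": ("Synchronize", 0x00100000),                    # SYNCHRONIZE
    "X": ("Traverse Folder / Execute File", 0x00000020), # FILE_EXECUTE
    "T": ("Write Attributes", 0x00000100),               # FILE_WRITE_ATTRIBUTES
    "B": ("Write Extended Attributes", 0x00000010),      # FILE_WRITE_EA
}


def decode(abbrev):
    """Return the combined access mask for a string of abbreviations."""
    mask = 0
    for letter in abbrev:
        if letter not in ABBREVIATIONS:
            raise ValueError(f"unknown permission abbreviation: {letter!r}")
        mask |= ABBREVIATIONS[letter][1]
    return mask


def names(mask):
    """Return the sorted permission names whose bits are set in mask."""
    return sorted(name for name, bit in ABBREVIATIONS.values() if mask & bit)


def compare(expected_rows, observed):
    """expected_rows: list of (trustees, abbreviations), one entry per browser row.
    observed: dict of trustee -> abbreviations found on the audited system.
    Returns (trustee, finding, permission names) for every deviation."""
    expected = {}
    for trustees, abbrev in expected_rows:
        for trustee in trustees:  # a row can hold more than one trustee
            expected[trustee] = expected.get(trustee, 0) | decode(abbrev)
    findings = []
    for trustee in sorted(set(expected) | set(observed)):
        want = expected.get(trustee, 0)
        have = decode(observed.get(trustee, ""))
        if trustee not in expected:
            findings.append((trustee, "unexpected trustee", names(have)))
        elif trustee not in observed:
            findings.append((trustee, "missing trustee", names(want)))
        else:
            if have & ~want:
                findings.append((trustee, "extra permissions", names(have & ~want)))
            if want & ~have:
                findings.append((trustee, "missing permissions", names(want & ~have)))
    return findings


# Constructed sample data: the expected rows of a check and an observed ACL.
EXPECTED_ROWS = [
    (["Administrators", "SYSTEM"], "PWADUROQNE-XTB"),  # every permission
    (["Users"], "RQNE-X"),                             # read and execute
]
OBSERVED = {
    "Administrators": "PWADUROQNE-XTB",
    "SYSTEM": "PWADUROQNE-XTB",
    "Users": "RQNE-XW",   # write access beyond the expected set
    "Everyone": "R",      # trustee not present in the check
}

if __name__ == "__main__":
    for trustee, finding, perms in compare(EXPECTED_ROWS, OBSERVED):
        print(f"{trustee}: {finding}: {', '.join(perms)}")
```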
Create a Windows File Permission check
This rule contains a check that determines the trustees and permissions for a specified folder
or file on a system and compares it with the values in the check.
This rule works only on Windows operating systems.
Task
1 From the McAfee Policy Auditor Content Creator interface, click File | New. Provide a title,
description, and optionally, one or more Windows platforms that the benchmark applies to.
2 From the right pane, click New Group. Provide a title, description, and optionally, one or
more Windows platforms that the benchmark applies to.
3 From the left pane, select the group, then click Edit | New Rule.
4 Select the following settings:
    List box | Setting
    Rule Family | Windows
    Category | File
    Rule | Permission check
5 Edit the rule title and description as needed. Optionally, select the Windows operating
systems that the rule will audit. You can select more than one operating system.
6 Under the rule, select Folder.
7 Edit the title and description as needed, and then select whether the rule uses a constant
or dynamic value for the folder.
Table 1: Constant Value for Folder
Option | Definition
System Value | Not applicable.
Edit... | Opens the Browse for Folder dialog box. Select the folder containing the file to be audited.
Edit as text... | Opens the File location dialog box. Enter the full path to the folder containing the file to be audited.

Table 2: Dynamic Value for Folder
Option | Definition
... | Opens the Dynamic Value dialog box and allows you to specify the folder. The most common ways to specify a dynamic folder are to use concatenated text or to select a registry key containing the folder path.

    1 Under Rule Family, select Windows.
    2 Under Category, select Registry.
    3 Under Datasource, select Functions.
    4 In the left pane, select Concatenated text.
    5 Under Concatenated text, enter text or an environmental variable for the left
      and right values of the path. For example, set the left path as %WinDir%
      and the right path as System32.

    1 Under Rule Family, select Windows.
    2 Under Category, select File.
    3 Under Datasource, select Registry value.
    4 In the left pane, select Registry Path, then do one of the following.
        Click Edit. The Registry Browser opens. Navigate to the registry key containing the
        folder path.
        Click Edit as text. The Registry path dialog box opens. Enter the full path and the
        registry key that contains the folder path.
    5 To create a Gold Standard rule by importing the value from the system,
      select Registry Value in the left pane, then click Populate input values from
      system.
8 Under the rule, select File name.
NOTE: To check folder permissions, do not set this value.
9 Edit the title and description as needed, and then select whether the rule uses a constant
or dynamic value for the file name.
Table 3: Constant Value for File name
Option | Definition
System Value | Not applicable.
Edit... | Opens the Open dialog box. Select the file you want to monitor.
Edit as text... | Opens the File name dialog box. Enter the file name.

Table 4: Dynamic Value for File name
Option | Definition
... | Opens the Dynamic Value dialog box to select a file name contained in a registry key.

    1 Under Rule Family, select Windows.
    2 Under Category, select File.
    3 Under Datasource, select Registry value.
    4 In the left pane, select Registry Path, then do one of the following.
        Click Edit. The Registry Browser opens. Navigate to the registry key containing the
        file name.
        Click Edit as text. The Registry path dialog box opens. Enter the full path and the
        registry key that contains the file name.
    5 To create a Gold Standard rule by importing the value from the system,
      select Registry Value in the left pane, then click Populate input values from
      system.
10 Under the rule, select File permission set.
11 Edit the title and description as needed, and then select whether the rule uses a constant
or dynamic value for the permission set.
Table 5: Constant Value for File permission set
Option | Definition
System Value | Imports the system settings into the parameter.
Edit... | Opens the Permission Browser dialog box. Refer to The file permission browser and how it works to populate this parameter.
Edit as text... | Opens the Registry Permission Set dialog box. The text box contains a list of each trustee, its associated SID, and the associated permissions. Refer to The file permission browser and how it works to populate this parameter.

Table 6: Dynamic Value for File permission set
Option | Definition
... | Opens the Dynamic Value dialog box. Select the Registry Value datasource, and then select a registry key that contains the file permission set.

    1 Under Rule Family, select Windows.
    2 Under Category, select Registry.
    3 Under Datasource, select Registry value.
    4 In the left pane, select Registry path.
    5 Specify a registry key containing the desired value.
        Click Edit... to open the Registry Browser dialog box and browse to the registry key.
        Click Edit as Text... to open the Registry Path dialog box and enter the full path
        to the registry key.
    6 To create a Gold Standard rule by importing the value from the system,
      select Registry Value in the left pane, then click Populate input values from
      system.
12 Under the rule, select Pass if the file does not exist. If you set the parameter to True, the
rule passes even if the file does not exist on the audited system.
13 Edit the title and description as needed, and then select whether the rule uses a constant
or dynamic value for whether the key exists.
Table 7: Constant Value for Pass if the file does not exist
Option | Definition
System Value | Imports the system settings into the parameter.
Edit... | Opens the Boolean Browser dialog box. Select True or False.
Edit as text... | Opens the Pass if file does not exist dialog box. Enter True or False. You can also enter 1 for true and 0 for false.

Table 8: Dynamic Value for Pass if the file does not exist
Option | Definition
... | Opens the Dynamic Value dialog box. Select the Registry Value datasource, and then select a registry key that contains the value for whether the file exists.

    1 Under Rule Family, select Windows.
    2 Under Category, select Registry.
    3 Under Datasource, select Registry value.
    4 In the left pane, select Registry path.
    5 Specify a registry key containing the desired value.
        Click Edit... to open the Registry Browser dialog box and browse to the registry key.
        Click Edit as Text... to open the Registry Path dialog box and enter the full path
        to the registry key and the key.
    6 To create a Gold Standard rule by importing the value from the system,
      select Registry Value in the left pane, then click Populate input values from
      system.