McAfee Application Control STIG Ver 1, Rel 6 Checklist Details (Checklist Revisions)

Supporting Resources:


Target CPE Name
McAfee Application Control 7.0.0 cpe:/a:mcafee:application_control:7.0.0 (View CVEs)

Checklist Highlights

Checklist Name:
McAfee Application Control STIG
Checklist ID:
Ver 1, Rel 6
Review Status:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:

Checklist Summary:

This McAfee Application Control Security Technical Implementation Guide (STIG) is intended to provide guidance for McAfee Application Control on DoD workstation endpoints. McAfee Application Control is a portion of the McAfee Application/Change Control product. This STIG does not include guidance for servers or for McAfee Change Control. This STIG is only applicable in a Host Based Security System (HBSS) managed environment. McAfee Application Control is a McAfee ePolicy Orchestrator (ePO) managed software and is capable of blocking unauthorized applications and code on servers, corporate desktops, and fixed-function devices using centrally managed application whitelist(s). McAfee Application Control’s dynamic trust model and security features block advanced persistent threats (APTs) without requiring signature updates or list management. McAfee Application Control configuration for a centrally managed client is accomplished via ePO policies deployed to the client. While the McAfee Application Control can be configured by the Command Line Interface (CLI), the CLI is required to be disabled on a centrally managed McAfee Application Control installation. The McAfee Application Control STIG provides security policy and configuration requirements. The HBSS STIG Overview provides an overview of all McAfee HBSS products and services.

Checklist Role:

  • Application Server

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoD Instruction (DoDI) 8500.01


Parties within the DoD and Federal Government’s computing environments can obtain the applicable STIG from the Information Assurance Support Environment (IASE) website. This site contains the latest copies of any STIGs, SRGs, and other related security information. The address for the IASE site is


Not provided.

Product Support:

Comments or proposed revisions to this document should be sent via email to the following address: DISA will coordinate all change requests with the relevant DoD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA maintenance release schedule.

Point of Contact:


Not provided.


Not provided.

Change History:

Updated to v1,r3 - 3/21/2018
updated to FINAL - 4/24/18
Updated URLs - 6/6/19
Updated URL - 8/15/19
Updated URLs per DISA - 4/24/2020


URL Description


Reference URL Description

NIST checklist record last modified on 04/24/2020