Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-30249 | WIR-MOS-AND-045-05 | SV-39869r1_rule | ECWN-1 | Medium |
Description |
---|
Scan results must be maintained so that auditors can verify mitigation actions have been completed, so that a scan can be compared to a previous scan, and to determine if there is any security vulnerability trends for site managed mobile OS devices. |
STIG | Date |
---|---|
Android 2.2 (Dell) Security Technical Implementation Guide | 2011-11-28 |
Check Text ( C-38872r1_chk ) |
---|
Detailed Policy Requirements: Each site must maintain the results of scans on site managed Android devices as follows: - The results of all Android device integrity validation tool scans will be maintained by either the site Android Administrator or IAO. - The site IAM should designate the length of time a site maintains the results of individual scans (6 months required, at least 1 year is recommended). The most recent control or baseline scan should be maintained until an Android device is decommissioned. Check Procedures: Interview the IAO and Android Administrator. Verify the IAO or Android Administrator is saving records of scan results and mitigation actions for the length of time designated by the site IAM. Select 4-5 Android site managed Android devices to review. -For each device, have the Android device Administrator show scan logs for each device for the period of time designated by the IAM (at least 6 months). Mark as a finding if the scan interval is not set as required. |
Fix Text (F-34016r1_fix) |
---|
Maintain the results and mitigation actions from Mobile OS device integrity validation tool scans on site managed Mobile OS devices for at least 6 months (1 year recommended). |