Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-251003 | MOIS-ND-000930 | SV-251003r802231_rule | Low |
Description |
---|
Changes to the hardware or software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed administrative access to the network device for implementing any changes or upgrades. This requirement applies to updates of the application files, configuration, ACLs, and policy filters. |
STIG | Date |
---|---|
Ivanti MobileIron Sentry 9.x NDM Security Technical Implementation Guide | 2021-09-15 |
Check Text ( C-54438r802229_chk ) |
---|
Verify that only authorized administrators have permissions for changes, deletions, and updates on the MobileIron Sentry. 1. Log in to System Manager. 2. Go to Security >> Local Users. 3. Verify no unauthorized users are listed. If unauthorized users are listed, this is a finding. |
Fix Text (F-54392r802230_fix) |
---|
Configure that only authorized administrators have permissions for changes, deletions, and updates on the MobileIron Sentry. 1. Log in to System Manager. 2. Go to Security >> identity Source >> Local Users. 3. Click "Add" to add authorized users. 4. If unauthorized users are listed, click the check box next to the unauthorized user and click "Delete". |