UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Microsoft Android 11 must be configured to enable audit logging.


Overview

Finding ID Version Rule ID IA Controls Severity
V-255222 MSFT-11-005505 SV-255222r870834_rule Medium
Description
Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. To be useful, Administrators must have the ability to view the audit logs. SFR ID: FMT_SMF_EXT.1.1 #32
STIG Date
Microsoft Android 11 COPE Security Technical Implementation Guide 2022-11-14

Details

Check Text ( C-58835r870764_chk )
Review documentation on the Microsoft Android device and inspect the configuration on the Microsoft Android device to enable audit logging.

This validation procedure is performed on only on the EMM Administration console.

On the EMM console:
1. Open "Device owner management" section.
2. Verify that "Enable security logging" is toggled to "On".

If the EMM console device policy is not set to enable audit logging, this is a finding.
Fix Text (F-58779r869282_fix)
Configure the Microsoft Android 11 device to enable audit logging.

On the EMM console:
1. Open "Device owner management" section.
2. Toggle "Enable security logging" to "On".