Mitigation actions identified by MDIS server scans on site managed mobile OS devices must be implemented.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32749 | WIR-WMS-MDIS-02 | SV-43095r1_rule | ECWN-1 | High |
| Description |
|---|
| If mitigation actions identified by the Mobile OS device integrity tool are not implemented, DoD data and the enclave could be at risk of being compromised because the security baseline of the device has been compromised. |
| STIG | Date |
|---|---|
| Mobile Device Integrity Scanning (MDIS) Server Security Technical Implementation Guide (STIG) | 2012-07-20 |
Details
| Check Text ( C-41082r4_chk ) |
|---|
| Review records of scan results indicating a finding, recommended mitigation actions from the scan report, and the site's report on what mitigation action was implemented. Verify mitigation actions on scan findings were implemented at the site. Mark as a finding if mitigation actions have not been implemented after a scan indicates a finding. |
| Fix Text (F-36629r1_fix) |
|---|
| Implement required mitigation actions. |