The MDIS server must scan for malicious code on managed mobile devices at least every 6 hours.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32752 | WIR-WMS-MDIS-05 | SV-43098r1_rule | DCMC-1 | Medium |
| Description |
|---|
| Detection of possible compromise of a DoD mobile device is a key security control to insure the compromise does not result in the exposure of sensitive DoD data or lead to a successful attack on the DoD network. |
| STIG | Date |
|---|---|
| Mobile Device Integrity Scanning (MDIS) Server Security Technical Implementation Guide (STIG) | 2013-01-17 |
Details
| Check Text ( C-41085r7_chk ) |
|---|
| Verify the MDIS server scans for malicious code on managed mobile devices at least every 6 hours. Talk to the site system administrator and have them show this capability exists in the MDIS server and is enabled. Also, review MDIS product documentation. Mark as a finding if the MDIS server does not have required features. |
| Fix Text (F-36633r4_fix) |
|---|
| Use an MDIS product that scans for malicious code on managed mobile devices at least every 6 hours. |