The MDIS server must alert when it identifies malicious code on managed mobile devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32753 | WIR-WMS-MDIS-06 | SV-43099r1_rule | ECAT-1 | High |
| Description |
|---|
| Detection of possible compromise of a DoD mobile device is a key security control to insure the compromise does not result in the exposure of sensitive DoD data or lead to a successful attack on the DoD network. Alerting is required to ensure proper management oversight is provided to timely mitigation actions to reduce the effect of the compromise. |
| STIG | Date |
|---|---|
| Mobile Device Integrity Scanning (MDIS) Server Security Technical Implementation Guide (STIG) | 2013-01-17 |
Details
| Check Text ( C-41086r5_chk ) |
|---|
| Verify the MDIS server alerts when it identifies malicious code on managed mobile devices. Talk to the site system administrator and have them show this capability exists in the MDIS server and is enabled. Also, review MDIS product documentation. Mark as a finding if the MDIS server does not have required features. |
| Fix Text (F-36635r5_fix) |
|---|
| Use an MDIS product that alerts when it identifies malicious code on managed mobile devices and enable the feature. |