Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDIS server must have the capability to maintain change history of individual devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32765 | WIR-WMS-MDIS-18 | SV-43111r1_rule | ECAT-1 | Medium |
| Description |
|---|
| Scan results must be maintained so auditors can verify mitigation actions have been completed, so a scan can be compared to a previous scan, and to determine if there are any security vulnerability trends for site managed mobile OS devices. |
| STIG | Date |
|---|---|
| Mobile Device Integrity Scanning (MDIS) Server Security Technical Implementation Guide (STIG) | 2013-05-08 |
Details
| Check Text ( C-41099r5_chk ) |
|---|
| Verify the MDIS server has the capability to maintain change history of individual devices. Talk to the site system administrator and have them show this capability exists in the MDIS server. Also, review MDIS product documentation. Mark as a finding if the MDIS server does not have required features. |
| Fix Text (F-36647r5_fix) |
|---|
| Use an MDIS product that has the capability to maintain change history of individual devices. |