UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MDM server, before or upon successful unlock, must display to the administrator the number of unsuccessful unlock attempts since the last successful unlock.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36014 SRG-APP-076-MDM-009-SRV SV-47403r1_rule Low
Description
MDM server users need to be very vigilant in maintaining situational awareness of activity that occurs regarding their accounts. Providing them with information regarding the date and time of unsuccessful login allows them to determine if any unauthorized activity has occurred, gives them an opportunity to notify appropriate security personnel if necessary, and ensure other systems have not been affected. If administrators are not aware of potential attacks against a system, they cannot perform due diligence to ensure access is not granted to unauthorized users.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text ( C-44253r1_chk )
Review the MDM server configuration to determine whether the administrator is informed of the number of unsuccessful unlock attempts since the last successful unlock. If the administrator is not informed of this information, this is a finding.
Fix Text (F-40544r1_fix)
Configure the MDM server to, before or upon successful unlock, display to the administrator the number of unsuccessful unlock attempts since the last successful unlock.