Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must protect against an individual falsely denying having performed a particular action.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36022 | SRG-APP-080-MDM-019-SRV | SV-47411r1_rule | Medium |
| Description |
|---|
| Non-repudiation of actions taken is required in order to maintain application integrity. Examples of particular actions taken by individuals include creating information, sending a message, approving information (e.g., indicating concurrence or signing a contract), and receiving a message. When non-repudiation techniques are not employed, high assurance that an individual performed a specific action cannot be guaranteed and the individual can falsely deny having performed such action and therefore, be held unaccountable. Non-repudiation protects individuals against later claims by an author of not having authored a particular document, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44261r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the system is protecting against an individual falsely denying having performed a particular action. If the system is not performing this function, this is a finding. |
| Fix Text (F-40552r1_fix) |
|---|
| Configure the MDM server to protect against an individual falsely denying having performed a particular action. |