
The MDM server must configure the information system to specifically prohibit or restrict the use of organization defined functions, ports, protocols, and/or services on the server.


Overview

Finding ID: V-36032
Version: SRG-APP-142-MDM-027-SRV
Rule ID: SV-47421r1_rule
IA Controls: (none listed)
Severity: High
Description
Most information systems are capable of providing a wide variety of functions and services. Some of the functions and services provided by default may not be necessary to support essential organizational operations. Unneeded services and processes provide additional threat vectors and avenues of attack to the information system. The MDM server is a critical component of the mobility architecture, and it must be configured to use only those ports, protocols, and services (PPS) necessary to support functionality; all others must be expressly disabled or removed. The DoD Category Assurance List (CAL) should be referenced for compliance.
STIG: Mobile Device Manager Security Requirements Guide
Date: 2013-01-24

Details

Check Text (C-44271r1_chk)
Review the MDM server configuration to determine whether the system is configured to specifically prohibit or restrict the use of organization defined functions, ports, protocols, and/or services on the server. If these restrictions are not implemented, this is a finding.
Fix Text (F-40562r1_fix)
Configure the MDM server to specifically prohibit or restrict the use of organization defined functions, ports, protocols, and/or services on the server.