The MDM server must use organization defined replay-resistant authentication mechanisms for network access to privileged accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36040 | SRG-APP-156-MDM-036-SRV | SV-47429r1_rule | High |
| Description |
|---|
| An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Replay attacks, if successfully used against a MDM server account could result in unfettered access to the MDM server settings and data records. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44279r1_chk ) |
|---|
| Review the MDM server configuration to ensure the system is authenticating through the Enterprise Authentication Mechanism that employs replay-resistant features. If the MDM server is not authenticating through the Enterprise Authentication Mechanism, this is a finding. |
| Fix Text (F-40570r1_fix) |
|---|
| Configure the MDM server to authenticate through the Enterprise Authentication Mechanism. |