The MDM server must periodically verify the correct operation of security functions in the server.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36062	SRG-APP-289-MDM-058-SRV	SV-47453r1_rule		Medium

Description
Security functional testing involves testing the operating system for conformance to the operating system security function specifications, as well as, for the underlying security model. The need to verify security functionality applies to all security functions. The conformance criteria state the conditions necessary for the MDM server to exhibit the desired security behavior or satisfy a security property for example, successful login triggers an audit entry. If tests are not provided and periodically run, the integrity of the system state cannot be verified.

Description

Security functional testing involves testing the operating system for conformance to the operating system security function specifications, as well as, for the underlying security model. The need to verify security functionality applies to all security functions. The conformance criteria state the conditions necessary for the MDM server to exhibit the desired security behavior or satisfy a security property for example, successful login triggers an audit entry. If tests are not provided and periodically run, the integrity of the system state cannot be verified.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44301r1_chk )
Review the MDM server configuration to ensure the system can periodically verify the correct operation of the security functions on the server. If the MDM server is not configured in this fashion, this is a finding.

Fix Text (F-40592r1_fix)
Configure the MDM server to periodically verify the correct operation of security functions in the server.