The MDM server must provide notification to an external device of failed automated security tests on the server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36063 | SRG-APP-275-MDM-059-SRV | SV-47454r1_rule | High |
| Description |
|---|
| Automated security tests are critical in the detection of IA attacks. Such checks include verification of the integrity of system files, device drivers, and security enforcement mechanisms. However, users and systems administrators can only benefit from the security tests of they are notified in case of failure. A notification mechanism reduces the risk that a security breach will go undetected. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44302r1_chk ) |
|---|
| Review the MDM server configuration to determine how the system responds in the event of a failed automated security test. Determine if there is some form of beaconing or alerting that could be detectable by the MDM server or other network management system. If there are any known security tests for which notification does not occur, this is a finding. |
| Fix Text (F-40593r1_fix) |
|---|
| Configure the operating system to provide notification of failed automated security tests. |