The MDM server must notify appropriate individuals when administrator accounts are created.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36078 | SRG-APP-291-MDM-078-SRV | SV-47469r1_rule | Medium |
| Description |
|---|
| Once an attacker establishes initial access to a system, they often attempt to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply create a new account. By notifying personnel when an account is created, action can be taken immediately to terminate the access. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44317r1_chk ) |
|---|
| Review the MDM server configuration to ensure the system is configured to notify appropriate individuals when administrator accounts are created. If the system is not configured to notify appropriate individuals when administrator accounts are created, this is a finding. |
| Fix Text (F-40608r1_fix) |
|---|
| Configure the MDM server to notify appropriate individuals when administrator accounts are created. |