UCF STIG Viewer Logo

The MDM server device integrity validation component must verify the integrity of all operating system files, device drivers, and security enforcement mechanisms at startup and at least every six hours thereafter using one or more DoD approved cryptographic mechanisms that compare attributes of the operating system configuration to a known good baseline.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36186 SRG-APP-262-MDM-178-MDIS SV-47590r1_rule High
Description
One of the most significant indicators of an IA attack is modification of operating system files, device drivers, or security enforcement mechanisms. An integrity verification capability or tool detects unauthorized modifications to files or permissions and either prevents further operation or reports its findings so an appropriate response can occur.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text ( C-44426r2_chk )
Review the MDM server configuration to ensure the MDM server device integrity validation component verifies the integrity of all operating system files, device drivers, and security enforcement mechanisms at startup and at least every six hours thereafter using one or more DoD approved cryptographic mechanisms that compare attributes of the operating system configuration to a known good baseline. If this verification is not being performed, this is a finding.
Fix Text (F-40716r2_fix)
Configure the MDM server device integrity validation component to verify the integrity of all operating system files, device drivers, and security enforcement mechanisms at startup and at least every six hours thereafter using one or more DoD approved cryptographic mechanisms that compare attributes of the operating system configuration to a known good baseline.