Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-36244 | SRG-APP-193-MDM-226-SRV | SV-47648r1_rule | Medium |
Description |
---|
Cryptography is only as strong as the encryption modules/algorithms that are employed to encrypt the data. Strong encryption must be used to protect the integrity and confidentiality of the data. |
STIG | Date |
---|---|
Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Check Text ( C-44484r1_chk ) |
---|
Review MDM server configuration, and NIST FIPS certificate to validate the server produces, controls, and distributes asymmetric cryptographic keys using NIST-approved or NSA-approved key management technology and processes. If the MDM server does not produce, control, and distribute asymmetric cryptographic keys using NIST-approved or NSA-approved key management technology and processes, this is a finding. |
Fix Text (F-40774r1_fix) |
---|
Configure the MDM server to produce, control, and distribute asymmetric cryptographic keys using NIST-approved or NSA-approved key management technology and processes. |