The MDM server must produce audit records containing the severity level of each recorded event.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36273 | SRG-APP-095-MDM-242-SRV | SV-47677r1_rule | Low |
| Description |
|---|
| MDM server auditing capability is critical for accurate forensic analysis. Event severity levels allow system administrators and IA personnel to more easily identify critical system issues and debug software. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44513r1_chk ) |
|---|
| On the MDM server, review the audit logs to determine whether they contain entries with the severity level of each recorded event. If any event in the log does not have an event severity level, this is a finding. |
| Fix Text (F-40803r1_fix) |
|---|
| Modify the audit configuration to include the severity level of events in audit records. |