The MDM server must support an audit reduction capability.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36305 | SRG-APP-113-MDM-259-SRV | SV-47709r1_rule | Low |
| Description |
|---|
| Audit reduction is used to reduce the volume of audit records in order to facilitate manual review. Before a security review information systems and/or applications with an audit reduction capability may remove many audit records known to have little security significance. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44546r1_chk ) |
|---|
| Review the configuration settings to determine whether the MDM server audit system supports an audit reduction capability. Review MDM server documentation and audit records. If the MDM server cannot support an audit reduction capability, this is a finding. |
| Fix Text (F-40836r1_fix) |
|---|
| Configure the MDM server to support an audit reduction capability. |