The MDM server must protect audit information from unauthorized deletion.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36316 | SRG-APP-120-MDM-266-SRV | SV-47720r1_rule | Medium |
| Description |
|---|
| If audit data were to become compromised then competent forensic analysis and discovery of the true source of potentially malicious system activity is impossible to achieve. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44557r1_chk ) |
|---|
| Review MDM server documentation and configuration settings to determine whether the MDM server audit feature protects audit information from unauthorized deletion. If the MDM server does not protect audit information from unauthorized deletion, this is a finding. |
| Fix Text (F-40847r1_fix) |
|---|
| Configure the MDM server to protect audit information from unauthorized deletion. |