Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-36320 | SRG-APP-091-MDM-269-SRV | SV-47724r1_rule | | Low |
Description |
---|
The DoD-required auditable events are events that assist in intrusion detection and forensic analysis. Failure to capture them increases the likelihood that an adversary can breach the system without detection. |
STIG | Date |
---|---|
Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Check Text (C-44561r1_chk) |
---|
Review product documentation and the system configuration to determine whether the DoD-required auditable events are recorded. Required events include system startup and shutdown, successful and unsuccessful device unlock attempts, program execution, and integrity validation failures. Verify a reasonable subset of these events is captured in practice by examining the audit logs. If the audit logs do not include DoD-required auditable events, this is a finding. |
Fix Text (F-40851r1_fix) |
---|
Configure the MDM server to generate audit records for the DoD-required auditable events. |