Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must record an event in audit log each time the server makes a security relevant configuration change on a managed mobile device.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36325 | SRG-APP-130-MDM-272-SRV | SV-47729r1_rule | Medium |
| Description |
|---|
| Any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Security-relevant configuration changes, if not authorized, are a breach of system security and might indicate a broader attack is occurring. Recording security-relevant changes in the audit logs mitigates the risk that unauthorized changes will go undetected. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44566r1_chk ) |
|---|
| Inspect the audit logs to determine whether security relevant configuration changes are being recorded. Make several security relevant configuration changes and verify these were recorded in the audit log. If any of the security relevant changes do not appear in the log, this is a finding. |
| Fix Text (F-40856r1_fix) |
|---|
| Configure the MDM server to record an event in the device audit log each time there is a security relevant configuration change. |