The MDM server must employ cryptographic mechanisms to protect the integrity and confidentiality for all audit logs managed by the server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36328 | SRG-APP-184-MDM-273-SRV | SV-47732r1_rule | Medium |
| Description |
|---|
| The integrity of server audit logs and managed device audit logs is vital to the security baseline of the server and network. Otherwise, critical audit event information could be compromised. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44569r1_chk ) |
|---|
| Review the MDM server configuration to determine whether cryptographic mechanisms are employed to protect the integrity and confidentiality for all audit logs managed by the server. If the MDM server does not employ cryptographic mechanisms to protect the integrity and confidentiality for all audit logs managed by the server, this is a finding. |
| Fix Text (F-40858r1_fix) |
|---|
| Configure the MDM server to employee cryptographic mechanisms to protect the integrity and confidentiality for all audit logs managed by the server. |