The MDM server must use cryptographic mechanisms to protect the integrity of audit tools.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36349 | SRG-APP-290-MDM-286-SRV | SV-47753r1_rule | High |
| Description |
|---|
| Auditing and logging are key components of any security architecture. It is essential security personnel know what is being done, what attempted to be done, where it was done, when it was done, and by whom in order to compile an accurate risk assessment. Cryptographic mechanisms must be used to protect the integrity of the audit tools used for audit reduction and reporting. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44591r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the MDM server uses cryptographic mechanisms to protect the integrity of audit tools. If the MDM server does not use cryptographic mechanisms to protect the integrity of audit tools, this is a finding. |
| Fix Text (F-40881r1_fix) |
|---|
| Configure the MDM server to use cryptographic mechanisms to protect the integrity of audit tools. |