The application must have the capability to produce audit records on hardware-enforced, write-once media.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36405	SRG-APP-124-NA	SV-47809r1_rule		Medium

Description
Applications are typically designed to incorporate their audit logs into the auditing sub-system hosted by the operating system. However, in some instances application developers may decide to forego the audit capabilities offered by the operating system and maintain application audit logs separately. Rationale for non-applicability: This requirement is not applicable to an MDM server. It is applicable to a central audit management system.

Description

Applications are typically designed to incorporate their audit logs into the auditing sub-system hosted by the operating system. However, in some instances application developers may decide to forego the audit capabilities offered by the operating system and maintain application audit logs separately. Rationale for non-applicability: This requirement is not applicable to an MDM server. It is applicable to a central audit management system.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44647r1_chk )
This requirement is NA for the MDM server SRG.

Fix Text (F-40937r1_fix)
The requirement is NA. No fix is required.