Applications must be able to function within separate processing domains (virtualized systems), when specified, so as to enable finer-grained allocation of user privileges.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36429 | SRG-APP-064-NA | SV-47833r1_rule | Medium |
| Description |
|---|
| Applications must employ the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions. Rationale for non-applicability: An MDM server supports only one security domain. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44671r1_chk ) |
|---|
| This requirement is NA for the MDM server SRG. |
| Fix Text (F-40961r1_fix) |
|---|
| The requirement is NA. No fix is required. |