The mobile operating system must allow organizational personnel through mobile device management services to select which auditable events are to be audited by the mobile operating system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32980 | SRG-OS-000063-MOS-000031 | SV-43378r1_rule | Medium |
| Description |
|---|
| The list of audited events is the set of events for which audits are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating audit records (i.e., auditable events). Organizations will define the organizational personal accountable for selecting auditable events. The mobile operating system must allow the designated personnel to select the items to be audited through mobile device management services. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2012-10-01 |
Details
| Check Text ( C-41279r1_chk ) |
|---|
| Examine the mobile operating system to determine it allows organizational personnel through mobile device management services to select which auditable events are to be audited by the mobile operating system. If organizational personnel cannot select which events are to be audited, this is a finding. |
| Fix Text (F-36894r1_fix) |
|---|
| Configure the mobile operating system to allow organizational personnel through mobile device management services to select which auditable events are to be audited by the mobile operating system. |