The mobile operating system must alert the Mobile Device Management or Intrusion Detection and Prevention System when it detects integrity check failures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33206 | SRG-OS-000214-MOS-000113 | SV-43607r1_rule | Medium |
| Description |
|---|
| Successful incident response and auditing relies on timely, accurate system information and analysis in order to allow the organization to identify and respond to potential incidents in a proficient manner. Alerting the Mobile Device Management (MDM) or Intrusion Detection and Prevention System (IDPS) mitigates the potential for attacks triggering integrity failures to have further consequences to the enterprise. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-41470r1_chk ) |
|---|
| Review system documentation and operating system configuration to determine if the operating system alerts an MDM or IDPS when it has detected an integrity check failure. Review MDM and IDPS logs to verify such reporting is occurring, perhaps forcing an integrity failure if one does not appear in the audit record. If the operating system is not configured to alert an MDM or IDPS in the event of an integrity failure, this is a finding. |
| Fix Text (F-37110r2_fix) |
|---|
| Configure the operating system to alert the MDM or IDPS when it has detected integrity check failures. |