Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The organization must maintain results and mitigation actions, from CMD integrity validation tool scans on site managed mobile devices, for 6 months.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-MPOL-075 | SRG-MPOL-075 | SRG-MPOL-075_rule | Low |
| Description |
|---|
| Scan results must be maintained so auditors can verify mitigation actions have been completed, so a scan can be compared to a previous scan, and to determine if there are any security vulnerability trends. |
| STIG | Date |
|---|---|
| Mobile Policy Security Requirements Guide | 2012-10-10 |
Details
| Check Text ( C-SRG-MPOL-075_chk ) |
|---|
| Verify the security personnel or system administrator is saving records of scan results and mitigation actions for the length of time designated by the site security manager (which must be a minimum of 6 months). If results of scans are not maintained by the site for 6 months, this is a finding. |
| Fix Text (F-SRG-MPOL-075_fix) |
|---|
| Maintain the results and mitigation actions from integrity tool validation scans on CMDs, for at least 6 months. |