UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The organization must maintain results and mitigation actions, from CMD integrity validation tool scans on site managed mobile devices, for 6 months (one year recommended).


Overview

Finding ID Version Rule ID IA Controls Severity
V-35966 SRG-MPOL-048 SV-47282r1_rule Low
Description
Scan results must be maintained, so auditors can verify mitigation actions have been completed, so a scan can be compared to a previous scan, and to determine if there are any security vulnerability trends.
STIG Date
Mobile Policy Security Requirements Guide 2013-01-24

Details

Check Text ( C-44203r1_chk )
Verify the security personnel or system administrator is saving records of scan results and mitigation actions for the length of time designated by the site security manager (which must be a minimum of 6 months, one year recommended). If results of scans are not maintained by the site for 6 months, this is a finding.
Fix Text (F-40493r1_fix)
Maintain the results and mitigation actions from integrity tool validation scans on CMDs, for at least 6 months.