Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-70525 | MICR-9X-102120 | SV-85147r1_rule | Medium |
Description |
---|
Audit records must contain basic data fields so they contain enough information to support identification and investigation of attempted or successful compromises. Failure to have these data fields in audit records makes it more difficult to identify or investigate attempted or successful compromises, potentially causing incidents to last longer than necessary. SFR ID: FAU_GEN.1.2(1) Refinement |
STIG | Date |
---|---|
MobileIron Core v9.x MDM Security Technical Implementation Guide | 2017-06-02 |
Check Text ( C-70925r1_chk ) |
---|
These procedures are the same as MICR-9X-102150. They only have to be performed once. Review MobileIron Core Server documentation and configuration settings to determine if the server is configured to record required audit information. Check MobileIron Core Server Common Criteria mode: 1. SSH to MobileIron Core from any SSH client. 2. Enter the administrator credentials set up when the MobileIron Core was installed. 3. Enter "show common_criteria_mode_status". 4. The following message should appear: "Common Criteria Mode is enabled". If on the MobileIron Core server the Common Criteria Mode is not enabled, this is a finding. |
Fix Text (F-76763r1_fix) |
---|
These procedures are the same as MICR-9X-102150. They only have to be performed once. Configure MobileIron Core Server Common Criteria mode: 1. SSH to MobileIron Core from any SSH client. 2. Enter the administrator credentials set up when the MobileIron Core was installed. 3. Enter "enable". 4. When prompted, enter the "enable" secret set up when the MobileIron Core was installed. 5. Enter "configure terminal". 6. Enter "common_criteria_mode". 7. Enter the following command to proceed with the necessary reload: do reload The system will not be reachable until the reboot is complete. |