Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-93573 | KNOX-09-000175 | SV-103659r1_rule | Medium |
Description |
---|
Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. They help identify attacks so that breaches can be prevented or limited in their scope, and they facilitate analysis to improve performance and security. The requirement statement lists key events for which the system must generate an audit record. SFR ID: FAU_GEN.1.1 #8 |
STIG | Date |
---|---|
Samsung Android OS 9 with Knox 3.x COBO Use Case KPE(Legacy) Deployment Security Technical Implementation Guide | 2020-06-09 |
Check Text ( C-92889r1_chk ) |
---|
Review device configuration settings to confirm that the Knox audit log is enabled. This procedure is performed on the MDM Administration console only. On the MDM console, for the device, in the "Knox audit log" group, verify that "enable audit log" is selected. If on the MDM console the "enable audit log" is not selected, this is a finding. |
Fix Text (F-99817r1_fix) |
---|
Configure Samsung Android to enable the Knox audit log. On the MDM console, for the device, in the "Knox audit log" group, select "enable audit log". |