UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Samsung SDS EMM must implement functionality to generate an audit record of the following auditable events: c. [selection: Commands issued to the MDM Agent].


Overview

Finding ID Version Rule ID IA Controls Severity
V-225640 SSDS-00-000010 SV-225640r547707_rule Low
Description
Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. SFR ID: FAU_GEN.1.1(1)
STIG Date
Samsung SDS EMM Security Technical Implementation Guide 2020-09-16

Details

Check Text ( C-27341r547705_chk )
Use the following procedure to verify logging of all commands issued to the MDM Agent has been configured on the SDS EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Event.
3. Verify all audit events with Type as "Server" and Event Category as "Device Command" have been selected.

If logging of all commands issued to the MDM Agent has not been configured on the SDS EMM server, this is a finding.
Fix Text (F-27329r547706_fix)
Use the following instructions to configure logging of all commands issued to the MDM Agent on the SDS EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Event.
3. Select Type as "Server" and Event Category as "Device Command".
4. Check the audit target and click the "Save" button at the top of the page.