Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Samsung SDS EMM must be configured to communicate the following commands to the MDM Agent: read audit logs kept by the MD.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-225641 | SSDS-00-000110 | SV-225641r588007_rule | Medium |
| Description |
|---|
| Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. SFR ID: FMT_SMF.1.1(1) #19 |
| STIG | Date |
|---|---|
| Samsung SDS EMM Security Technical Implementation Guide | 2021-06-07 |
Details
| Check Text ( C-27342r560947_chk ) |
|---|
| Use the following procedure to verify the command to read audits to the MDM Agent has been configured on the SDS EMM server: On the MDM console, do the following: 1. Log in to the Admin Console using a web browser. 2. Go to Service Overview >> Log and Event >> Audit Log. 3. Verify all audit events with audit type of "Device" have been selected. If the command for reading audits to the MDM Agent has not been configured on the SDS EMM server, this is a finding. |
| Fix Text (F-27330r560948_fix) |
|---|
| Use the following instructions to verify the command has been configured to read audits to the MDM Agent on the SDS EMM server: On the MDM console, do the following: 1. Log in to the Admin Console using a web browser. 2. Go to Service Overview >> Log and Event >> Audit Event. 3. Select all audit events with audit type of "Device" and click the "Save" button. |