Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
All UEM Agent cryptography supporting DoD functionality must be FIPS 140-2 validated.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-234248 | SRG-APP-000555-UEM-100014 | SV-234248r617402_rule | High |
| Description |
|---|
| Unapproved cryptographic algorithms cannot be relied on to provide confidentiality or integrity, and DoD data could be compromised as a result. The most common vulnerabilities with cryptographic modules are those associated with poor implementation. FIPS 140-2 validation provides assurance that the relevant cryptography has been implemented correctly. FIPS 140-2 validation is also a strict requirement for use of cryptography in the federal government for protecting unclassified data. Satisfies: FCS Reference: PP-UEM-404200 |
| STIG | Date |
|---|---|
| Unified Endpoint Management Agent Security Requirements Guide | 2020-12-14 |
Details
| Check Text ( C-37433r612050_chk ) |
|---|
| Verify all UEM Agent cryptography supporting DoD functionality is FIPS 140-2 validated. If all UEM Agent cryptography supporting DoD functionality is not FIPS 140-2 validated, this is a finding. |
| Fix Text (F-37398r612051_fix) |
|---|
| Configure the UEM Agent cryptography supporting DoD functionality for FIPS 140-2 mode. |