UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The UEM server must disable organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure.


Overview

Finding ID Version Rule ID IA Controls Severity
V-234526 SRG-APP-000383-UEM-000254 SV-234526r961470_rule Medium
Description
Removal of unneeded or non-secure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of these resources. Examples include unneeded listening ports. The organization must perform a periodic scan/review of the application (as required by CCI-000384) and disable functions, ports, protocols, and services deemed to be unneeded or non-secure. Satisfies:FMT_SMF.1.1(2) Refinement b Reference:PP-MDM-431006
STIG Date
Unified Endpoint Management Server Security Requirements Guide 2024-07-02

Details

Check Text ( C-37711r851596_chk )
Verify the UEM server disables organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure.

If the UEM server does not disable organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure, this is a finding.
Fix Text (F-37676r615222_fix)
Configure the UEM server to disable organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure.