STIGQter: STIG Summary: Google Android 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2019:

The Google Android Pie must be configured to generate audit records for the following auditable events: detected integrity violations.

DISA Rule

SV-106447r1_rule

Vulnerability Number

V-97343

Group Title

PP-MDF-301420

Rule Version

GOOG-09-006100

Severity

CAT III

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

10

Fix Recommendation

Configure the Google Android device to generate audit records for the following auditable events: detected integrity violations.

On the MDM console, do the following:

On the MDM Console:
1. Go to Policy management.
2. Enable Security Logging.

Check Contents

Review Google Android device configuration settings to determine if the mobile device is configured to generate audit records for the following auditable events: detected integrity violations.

This validation procedure is performed only on the MDM Administration Console.

On the MDM console, do the following:
1. Go to Policy management.
2. Confirm Security Logging is enabled.

If the MDM console device policy is not set to enable security logging, this is a finding.

Vulnerability Number

V-97343

Documentable

False

Rule Version

GOOG-09-006100

Severity Override Guidance

Review Google Android device configuration settings to determine if the mobile device is configured to generate audit records for the following auditable events: detected integrity violations.

This validation procedure is performed only on the MDM Administration Console.

On the MDM console, do the following:
1. Go to Policy management.
2. Confirm Security Logging is enabled.

If the MDM console device policy is not set to enable security logging, this is a finding.

Check Content Reference

M

Target Key

3499

Comments