STIGQter: STIG Summary: Jamf Pro v10.x EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 03 Feb 2020:

The Jamf Pro EMM server must connect to [Authentication Gateway Service (AGS)] with an authenticated and secure (encrypted) connection to protect the confidentiality and integrity of transmitted information.

DISA Rule

SV-108695r1_rule

Vulnerability Number

V-99591

Group Title

PP-MDM-431009

Rule Version

JAMF-10-200065

Severity

CAT II

CCI(s)

• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.
• CCI-002420 - The information system maintains the confidentiality and/or integrity of information during preparation for transmission.
• CCI-002421 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.
• CCI-002422 - The information system maintains the confidentiality and/or integrity of information during reception.

Weight

10

Fix Recommendation

Confirm the Administrator has configured the AGS to connect to the Jamf Pro EMM server using the TLS connection.

Check Contents

Talk to the site Administrator to confirm the AGS has been configured to connect to the Jamf Pro EMM server using the TLS connection or confirm during a review of the AGS.

If the AGS has not been configured to connect to the Jamf Pro EMM server using a TLS connection, this is a finding.

Vulnerability Number

V-99591

Documentable

False

Rule Version

JAMF-10-200065

Severity Override Guidance

Talk to the site Administrator to confirm the AGS has been configured to connect to the Jamf Pro EMM server using the TLS connection or confirm during a review of the AGS.

If the AGS has not been configured to connect to the Jamf Pro EMM server using a TLS connection, this is a finding.

Check Content Reference

M

Target Key

3593

Comments