STIGQter: STIG Summary: Jamf Pro v10.x EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 03 Feb 2020:

The Jamf Pro EMM local accounts must be configured with password maximum lifetime of 3 months.

DISA Rule

SV-108725r1_rule

Vulnerability Number

V-99621

Group Title

PP-MDM-991000

Rule Version

JAMF-10-100770

Severity

CAT II

CCI(s)

CCI-000174 - The information system compiles audit records from organization-defined information system components into a system-wide (logical or physical) audit trail that is time-correlated to within an organization-defined level of tolerance for relationship between time stamps of individual records in the audit trail.

Weight

Fix Recommendation

To configure the "password maximum lifetime" of "3" months for the local account's password, do the following:

1. Open the Jamf Pro EMM console.
2. Click "Settings".
3. Click "System Settings".
4. Click "Jamf Pro System User Accounts & Groups".
5. Click "Password Policy".
6. Click "Edit".
7. Set the "password maximum lifetime" of "3" months.

Check Contents

To verify the "password maximum lifetime" of "3" months for the local account's password is set, do the following:

1. Open the Jamf Pro EMM console.
2. Click "Settings".
3. Click "System Settings".
4. Click "Jamf Pro System User Accounts & Groups".
5. Click "Password Policy".
6. Verify "password maximum lifetime" of "3" months.

If the "password maximum lifetime" for local account's password is not set to "3" months, this is a finding.

Vulnerability Number

V-99621

Documentable

False

Rule Version

JAMF-10-100770

Severity Override Guidance

Check Content Reference

Target Key

3593

The Jamf Pro EMM local accounts must be configured with password maximum lifetime of 3 months.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments