STIGQter STIGQter: STIG Summary: BlackBerry UEM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The BlackBerry UEM server must [selection: invoke platform-provided functionality, implement functionality] to generate an audit record of the following auditable events: c. [selection: Commands issued to the MDM Agent].

DISA Rule

SV-224371r604136_rule

Vulnerability Number

V-224371

Group Title

PP-MDM-412000

Rule Version

BUEM-00-000010

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

On the BlackBerry UEM, do the following:
1. On the menu bar, click Settings >> Infrastructure >> Audit settings.
2. In the right pane, click the edit icon.
3. To add security events to audit, click + . Select the events and click Add.
4. Select each "Command" event (Command delivered, Command sent).
5. In the Setting column, select "all" for the "Command delivered" event.
6. Click Save.
Note: For audit record fields for server audits, include: Commands sent to the device.

Check Contents

Review the audit record which can be found in the UEM console in Settings >> Infrastructure >> Audit settings >> Security event audit settings section.

Verify both "Command" events are listed and "setting" is set to "All" for the "Command delivered" event.
If both "Command" events are not listed and "setting" is not set to "All" for the "Command delivered" event, this is a finding.

Vulnerability Number

V-224371

Documentable

False

Rule Version

BUEM-00-000010

Severity Override Guidance

Review the audit record which can be found in the UEM console in Settings >> Infrastructure >> Audit settings >> Security event audit settings section.

Verify both "Command" events are listed and "setting" is set to "All" for the "Command delivered" event.
If both "Command" events are not listed and "setting" is not set to "All" for the "Command delivered" event, this is a finding.

Check Content Reference

M

Target Key

4134

Comments