STIGQter: STIG Summary: Samsung SDS EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 11 Sep 2020:

The Samsung SDS EMM must be configured to communicate the following commands to the MDM Agent: read audit logs kept by the MD.

DISA Rule

SV-225641r547710_rule

Vulnerability Number

V-225641

Group Title

PP-MDM-411009

Rule Version

SSDS-00-000110

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Use the following instructions to verify the command has been configured to read audits to the MDM Agent on the SDS EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Event.
3. Select all audit events with audit type of "Device" and click the "Save" button.

Check Contents

Use the following procedure to verify the command to read audits to the MDM Agent has been configured on the SDS EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Log.
3. Verify all audit events with audit type of "Device" have been selected.

If the command for reading audits to the MDM Agent has not been configured on the SDS EMM server, this is a finding.

Vulnerability Number

V-225641

Documentable

False

Rule Version

SSDS-00-000110

Severity Override Guidance

Use the following procedure to verify the command to read audits to the MDM Agent has been configured on the SDS EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Log.
3. Verify all audit events with audit type of "Device" have been selected.

If the command for reading audits to the MDM Agent has not been configured on the SDS EMM server, this is a finding.

Check Content Reference

M

Target Key

4216

Comments