STIGQter: STIG Summary: Unified Endpoint Management Agent Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM Agent must record within each UEM Agent audit record the following information: -date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event.

DISA Rule

SV-234238r617417_rule

Vulnerability Number

V-234238

Group Title

SRG-APP-000097

Rule Version

SRG-APP-000097-UEM-100005

Severity

CAT II

CCI(s)

• CCI-000132 - The information system generates audit records containing information that establishes where the event occurred.

Weight

10

Fix Recommendation

Configure the UEM Agent to record within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event.

Check Contents

Verify the UEM Agent records within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event.

If the UEM Agent does not record within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event
this is a finding.

Vulnerability Number

V-234238

Documentable

False

Rule Version

SRG-APP-000097-UEM-100005

Severity Override Guidance

Verify the UEM Agent records within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event.

If the UEM Agent does not record within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event
this is a finding.

Check Content Reference

M

Target Key

5262

Comments