STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must be configured to provide a trusted communication channel between itself and authorized IT entities using [selection: -IPsec, -SSH, -mutually authenticated TLS, -mutually authenticated DTLS, -HTTPS].

DISA Rule

SV-234390r617355_rule

Vulnerability Number

V-234390

Group Title

SRG-APP-000191

Rule Version

SRG-APP-000191-UEM-000117

Severity

CAT II

CCI(s)

• CCI-001135 - The information system establishes a trusted communications path between the user and organization-defined security functions within the information system.

Weight

10

Fix Recommendation

Configure the UEM server to provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS].

Check Contents

Verify the UEM server provides a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS].

If the UEM server does not provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS], this is a finding.

Vulnerability Number

V-234390

Documentable

False

Rule Version

SRG-APP-000191-UEM-000117

Severity Override Guidance

Verify the UEM server provides a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS].

If the UEM server does not provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS], this is a finding.

Check Content Reference

M

Target Key

5269

Comments