STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must be configured to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and managed devices that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:-TLS, -HTTPS].

DISA Rule

SV-234392r617355_rule

Vulnerability Number

V-234392

Group Title

SRG-APP-000191

Rule Version

SRG-APP-000191-UEM-000119

Severity

CAT II

CCI(s)

• CCI-001135 - The information system establishes a trusted communications path between the user and organization-defined security functions within the information system.

Weight

10

Fix Recommendation

Configure the UEM server to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and managed devices that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:
-TLS,
-HTTPS].

Check Contents

Verify the UEM server invokes either host-OS functionality or server functionality to provide a trusted communication channel between itself and managed devices that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:
-TLS,
-HTTPS].

If the UEM server does not invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and managed devices that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:
-TLS,
-HTTPS], this is a finding.

Vulnerability Number

V-234392

Documentable

False

Rule Version

SRG-APP-000191-UEM-000119

Severity Override Guidance

Verify the UEM server invokes either host-OS functionality or server functionality to provide a trusted communication channel between itself and managed devices that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:
-TLS,
-HTTPS].

If the UEM server does not invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and managed devices that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:
-TLS,
-HTTPS], this is a finding.

Check Content Reference

M

Target Key

5269

Comments