STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must verify the digital signature of software before installation and alert the Information System Security Officer (ISSO), Information System Security Manager (ISSM), and other designated personnel if unauthorized software is detected.

DISA Rule

SV-234519r617355_rule

Vulnerability Number

V-234519

Group Title

SRG-APP-000377

Rule Version

SRG-APP-000377-UEM-000247

Severity

CAT II

CCI(s)

• CCI-001811 - The information system alerts organization-defined personnel or roles when the unauthorized installation of software is detected.

Weight

10

Fix Recommendation

Configure the UEM server to verify the digital signature of software before installation and alert the ISSM, ISSO, and other designated personnel if unauthorized software is detected.

Check Contents

Verify the UEM server verifies the digital signature of software before installation and alert the ISSM, ISSO, and other designated personnel if unauthorized software is detected.

If the UEM server does not verify the digital signature of software before installation and alert the ISSM, ISSO, and other designated personnel if unauthorized software is detected, this is a finding.

Vulnerability Number

V-234519

Documentable

False

Rule Version

SRG-APP-000377-UEM-000247

Severity Override Guidance

Verify the UEM server verifies the digital signature of software before installation and alert the ISSM, ISSO, and other designated personnel if unauthorized software is detected.

If the UEM server does not verify the digital signature of software before installation and alert the ISSM, ISSO, and other designated personnel if unauthorized software is detected, this is a finding.

Check Content Reference

M

Target Key

5269

Comments