STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must be configured with the periodicity of the following commands to the agent of six hours or less: - query connectivity status - query the current version of the managed device firmware/software - query the current version of installed mobile applications - read audit logs kept by the managed device.

DISA Rule

SV-234622r617355_rule

Vulnerability Number

V-234622

Group Title

SRG-APP-000472

Rule Version

SRG-APP-000472-UEM-000347

Severity

CAT II

CCI(s)

CCI-002696 - The information system verifies correct operation of organization-defined security functions.

Weight

Fix Recommendation

Configure the UEM server with the periodicity of the following commands to the agent of six hours or less:
- query connectivity status;
- query the current version of the managed device firmware/software;
- query the current version of installed mobile applications;
- read audit logs kept by the managed device.

Check Contents

Verify the UEM server is configured with the periodicity of the following commands to the agent of six hours or less:
- query connectivity status;
- query the current version of the managed device firmware/software;
- query the current version of installed mobile applications;
- read audit logs kept by the managed device.

If the UEM server is not configured with the periodicity of the following commands to the agent of six hours or less:
- query connectivity status;
- query the current version of the managed device firmware/software;
- query the current version of installed mobile applications;
- read audit logs kept by the managed device,
this is a finding.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments