Applications providing IDS and prevention capabilities must prevent non-privileged users from circumventing intrusion detection and prevention capabilities.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35720	SRG-APP-000285-MAPP-NA	SV-47007r1_rule		Medium

Description
Any application providing intrusion detection and prevention capabilities must be architected and implemented so as to prevent non-privileged users from circumventing such protections. This can be accomplished through the use of user roles, use of proper systems permissions, auditing, logging, etc. Rationale for non-applicability: The MDM SRG addresses mechanisms that check the integrity of the mobile device. The mobile operating system enforces controls that prevent circumvention of MDM capabilities.

Description

Any application providing intrusion detection and prevention capabilities must be architected and implemented so as to prevent non-privileged users from circumventing such protections. This can be accomplished through the use of user roles, use of proper systems permissions, auditing, logging, etc. Rationale for non-applicability: The MDM SRG addresses mechanisms that check the integrity of the mobile device. The mobile operating system enforces controls that prevent circumvention of MDM capabilities.

STIG	Date
Mobile Application Security Requirements Guide	2013-01-04

Details

Check Text ( C-44063r1_chk )
This requirement is NA for the MAPP SRG.

Fix Text (F-40263r1_fix)
The requirement is NA. No fix is required.