| Vuln ID | | Rule Title | Discussion |
|---|---|---|---|
| V-234363 | | The UEM server must use FIPS-validated SHA-2 or higher hash function to provide replay-resistant authentication mechanisms for network access to privileged accounts. | A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the applicati... |
| V-234375 | | For UEM server using password authentication, the network element must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process. | Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can ... |
| V-234383 | | The UEM server must use FIPS-validated SHA-2 or higher hash function to protect the integrity of keyed-hash message authentication code (HMAC), Key Derivation Functions (KDFs), Random Bit Generation, and hash-only applications. | Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Nonlocal maintenance and diagnostic ... |
| V-234408 | | The UEM server must generate unique session identifiers using a FIPS-validated Random Number Generator (RNG) based on the Deterministic Random Bit Generators (DRBG) algorithm. | Sequentially generated session IDs can be easily guessed by an attacker. Employing the concept of randomness in the generation of unique session ident... |
| V-234538 | | Before establishing a connection to any endpoint device being managed, the UEM server must establish a trusted path between the server and endpoint that provides assured identification of the end point using a bidirectional authentication mechanism configured with a FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to authenticate with the device. | Without device-to-device authentication, communications with malicious devices may be established. Bidirectional authentication provides stronger safe... |
| V-234555 | | The UEM server must configure web management tools with FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions. | Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Nonloca... |
| V-234588 | | The UEM server must connect to [assignment: [list of applications]] and managed mobile devices with an authenticated and secure (encrypted) connection to protect the confidentiality and integrity of transmitted information. | Applications may include the following: update server, database, and enterprise directory service. Without protection of the transmitted information, ... |
| V-234605 | | The UEM server must be maintained at a supported version. | The UEM vendor maintains specific product versions for a specific period of time. MDM/EMM server versions no longer supported by the vendor will not r... |
| V-234664 | | The UEM server must use a FIPS-validated cryptographic module to generate cryptographic hashes. | FIPS 140-2 precludes the use of invalidated cryptography for the cryptographic protection of sensitive or valuable data within Federal systems. Unvali... |
| V-234668 | | The UEM server must be configured to implement FIPS 140-2 mode for all server and agent encryption. | Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Remote... |
| V-234677 | | The application must use FIPS-validated SHA-256 or higher hash function for digital signature generation and verification. | Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Note: Although allowed by SP800-131A... |
| V-256892 | | The UEM server must provide digitally signed policies and policy updates to the UEM agent. | It is critical that the UEM server sign all policy updates with validated certificates. Otherwise, there is no assurance that a malicious actor has no... |
| V-264368 | | The UEM server must sign policies and policy updates using a private key associated with [selection: an X509 certificate, a public key provisioned to the agent trusted by the agent] for policy verification. | It is critical that the UEM server sign all policy updates with validated certificate or private keys. Otherwise, there is no assurance that a malicio... |
| V-264369 | | The UEM server, for each unique policy managed, must validate the policy is appropriate for an agent using [selection: a private key associated with an X509 certificate representing the agent, a token issued by the agent] associated with a policy signing key uniquely associated with the policy. | It is critical that the UEM server sign all policy updates with validated certificate or private keys. Otherwise, there is no assurance that a malicio... |
| V-234275 | | The UEM server must limit the number of concurrent sessions per privileged user account to three or fewer concurrent sessions. | Application management includes the ability to control the number of users and user sessions that utilize an application. Limiting the number of allow... |
| V-234276 | | The UEM server must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information syst... |
| V-234277 | | The UEM server must initiate a session lock after a 15-minute period of inactivity. | A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information syst... |
| V-234278 | | The MDM server must provide the capability for users to directly initiate a session lock. | A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system, but d... |
| V-234279 | | The MDM server must retain the session lock until the user reestablishes access using established identification and authentication procedures. | A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system, but d... |
| V-234283 | | The UEM server must use TLS 1.2, or higher, to protect the confidentiality of sensitive data during electronic dissemination using remote access. | Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that explo... |
| V-234286 | | The UEM server must provide automated mechanisms for supporting account management functions. | Enterprise environments make application account management challenging and complex. A manual process for account management functions adds the risk o... |
| V-234287 | | The UEM server must automatically remove or disable temporary user accounts after 72 hours if supported by the UEM server. | If temporary user accounts remain active when no longer needed or for an excessive period, these accounts may be used to gain unauthorized access. To ... |
| V-234288 | | The UEM server must automatically disable accounts after a 35-day period of account inactivity. | Attackers that are able to exploit an inactive account can potentially obtain and maintain undetected access to an application. Owners of inactive acc... |
| V-234289 | | The UEM server must automatically audit account creation. | Once an attacker establishes access to a system, the attacker often attempts to create a persistent method of re-establishing access. One way to accom... |
| V-234290 | | The UEM server must automatically audit account modification. | Once an attacker establishes access to a system, the attacker often attempts to create a persistent method of re-establishing access. One way to accom... |
| V-234291 | | The UEM server must automatically audit account disabling actions. | When application accounts are disabled, user accessibility is affected. Once an attacker establishes access to an application, the attacker often atte... |
| V-234292 | | The UEM server must automatically audit account removal actions. | When application accounts are removed, user accessibility is affected. Once an attacker establishes access to an application, the attacker often attem... |
| V-234310 | | The UEM server must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. | By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, ... |
| V-234311 | | The UEM server must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the application. | Display of the DoD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is cons... |
| V-234318 | | The UEM server must protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation. | Without non-repudiation, it is impossible to positively attribute an action to an individual (or process acting on behalf of an individual). Non-rep... |
| V-234323 | | The UEM server must provide audit record generation capability for DoD-defined auditable events within all application components. | Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident, o... |
| V-234324 | | The UEM server must be configured to provide audit records in a manner suitable for the Authorized Administrators to interpret the information. | Successful incident response and auditing relies on timely, accurate system information and analysis in order to allow the organization to identify an... |
| V-234325 | | The UEM server must be configured to allow only specific administrator roles to select which auditable events are to be audited. | Without the capability to restrict which roles and individuals can select which events are audited, unauthorized personnel may be able to prevent the ... |
| V-234326 | | The UEM server must generate audit records when successful/unsuccessful attempts to access privileges occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234327 | | The UEM server must initiate session auditing upon startup. | If auditing is enabled late in the startup process, the actions of some start-up processes may not be audited. Some audit systems also maintain state ... |
| V-234328 | | The UEM server must be configured to produce audit records containing information to establish what type of events occurred. | Without establishing what type of event occurred, it would be difficult to establish, correlate, and investigate the events relating to an incident, o... |
| V-234329 | | The UEM server must be configured to produce audit records containing information to establish when (date and time) the events occurred. | Without establishing when events occurred, it is impossible to establish, correlate, and investigate the events relating to an incident. In order to ... |
| V-234330 | | The UEM server must be configured to produce audit records containing information to establish where the events occurred. | Failure to generate these audit records makes it more difficult to identify or investigate attempted or successful compromises, potentially causing in... |
| V-234331 | | The UEM server must be configured to produce audit records containing information to establish the source of the events. | Without establishing the source of the event, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. ... |
| V-234332 | | The UEM server must be configured to produce audit records that contain information to establish the outcome of the events. | Without information about the outcome of events, security personnel cannot make an accurate assessment as to whether an attack was successful or if ch... |
| V-234333 | | The UEM server must be configured to generate audit records containing information that establishes the identity of any individual or process associated with the event. | Without information that establishes the identity of the subjects (i.e., users or processes acting on behalf of users) associated with the events, sec... |
| V-234334 | | The UEM server must be configured to generate audit records containing the full-text recording of privileged commands or the individual identities of group account users. | Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. Organizations consider lim... |
| V-234335 | | The UEM SRG must alert the ISSO and SA (at a minimum) in the event of an audit processing failure. | It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notificatio... |
| V-234340 | | The UEM server must use host operating system clocks to generate time stamps for audit records. | Without an internal clock used as the reference for the time stored on each event to provide a trusted common reference for the time, forensic analysi... |
| V-234341 | | The UEM server must protect audit information from any type of unauthorized read access. | If audit data were to become compromised, then competent forensic analysis and discovery of the true source of potentially malicious system activity i... |
| V-234342 | | The UEM server must protect audit information from unauthorized modification. | If audit data were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity is impossib... |
| V-234343 | | The UEM server must protect audit information from unauthorized deletion. | If audit data were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity is impossib... |
| V-234347 | | The UEM server must back up audit records at least every seven days onto a log management server. | Protection of log data includes ensuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate... |
| V-234349 | | The UEM server must prevent the installation of patches, service packs, or application components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization. | Changes to any software components can have significant effects on the overall security of the application. Verifying software components have been di... |
| V-234351 | | The UEM server must limit privileges to change the software resident within software libraries. | If the application were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the approp... |
| V-234352 | | The UEM server must be configured to disable non-essential capabilities. | It is detrimental for applications to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary ca... |
| V-234353 | | The firewall protecting the UEM server platform must be configured so only DoD-approved ports, protocols, and services are enabled. (See the DoD Ports, Protocols, Services Management [PPSM] Category Assurance Levels [CAL] list for DoD-approved ports, protocols, and services). | All ports, protocols, and services used on DoD networks must be approved and registered via the DoD PPSM process. This is to ensure a risk assessment ... |
| V-234354 | | The UEM server must be configured to use only documented platform APIs. | Authenticity protection provides protection against man-in-the-middle attacks/session hijacking and the insertion of false information into sessions. ... |
| V-234355 | | The UEM server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and... |
| V-234356 | | The UEM server must be configured to use a DoD Central Directory Service to provide multifactor authentication for network access to privileged and non-privileged accounts. | A comprehensive account management process that includes automation helps to ensure the accounts designated as requiring attention are consistently an... |
| V-234358 | | All UEM server local accounts created during application installation and configuration must be removed. Note: In this context, local accounts refers to user and/or administrator accounts on the server that use a user name and password for user access and authentication. | A comprehensive account management process that includes automation helps to ensure the accounts designated as requiring attention are consistently an... |
| V-234360 | | The UEM server must ensure users are authenticated with an individual authenticator prior to using a group authenticator. | To ensure individual accountability and prevent unauthorized access, application users must be individually identified and authenticated. Individual... |
| V-234361 | | The UEM server must be configured to use DOD PKI for multifactor authentication. This requirement is included in SRG-APP-000149. | Using an authentication device, such as a common access card (CAC) or token that is separate from the information system, ensures that even if the inf... |
| V-234364 | | The UEM server must implement replay-resistant authentication mechanisms for network access to nonprivileged accounts. | A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the applicati... |
| V-234367 | | The UEM server must enforce a minimum 15-character password length. | The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. Password complexit... |
| V-234368 | | The UEM server must prohibit password reuse for a minimum of five generations. | Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. To meet... |
| V-234369 | | The UEM server must enforce password complexity by requiring that at least one uppercase character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-234370 | | The UEM server must enforce password complexity by requiring that at least one lowercase character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-234371 | | The UEM server must enforce password complexity by requiring that at least one numeric character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-234372 | | The UEM server must enforce password complexity by requiring that at least one special character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-234373 | | The UEM server must require the change of at least 50 percent of the previous password's characters. | If the application allows the user to consecutively reuse extensive portions of passwords, this increases the chances of password compromise by increa... |
| V-234374 | | For UEM server using password authentication, the application must store only cryptographic representations of passwords. | Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can ... |
| V-234377 | | The UEM server must enforce a 60-day maximum password lifetime restriction. | Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed at specific intervals. One method of minimiz... |
| V-234378 | | When using PKI-based authentication for user access, the UEM server must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | Without path validation, an informed trust decision by the relying party cannot be made when presented with any certificate not already explicitly tru... |
| V-234379 | | When the UEM server cannot establish a connection to determine the validity of a certificate, the server must be configured not to have the option to accept the certificate. | When a UEM server accepts an unverified certificate, it may be trusting a malicious actor. For example, messages signed with an invalid certificate m... |
| V-234380 | | The UEM server, when using PKI-based authentication, must enforce authorized access to the corresponding private key. | If the private key is discovered, an attacker can use the key to authenticate as an authorized user and gain access to the network infrastructure. Th... |
| V-234381 | | The UEM server must map the authenticated identity to the individual user or group account for PKI-based authentication. | Without mapping the certificate used to authenticate to the user account, the ability to determine the identity of the individual user or group will n... |
| V-234382 | | The UEM server must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | To prevent the compromise of authentication information such as passwords during the authentication process, the feedback from the information system ... |
| V-234390 | | The UEM server must be configured to provide a trusted communication channel between itself and authorized IT entities using [selection: IPsec, SSH, mutually authenticated TLS, mutually authenticated DTLS, HTTPS]. | Examples of authorized IT entities: audit server, Active Directory, software update server, and database server. Without confidentiality protection m... |
| V-234391 | | The UEM server must be configured to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: IPsec, SSH, TLS, HTTPS]. | Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Nonloca... |
| V-234392 | | The UEM server must be configured to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and managed devices that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: TLS, HTTPS]. | Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Nonloca... |
| V-234405 | | The UEM server must protect the authenticity of communications sessions. | Authenticity protection provides protection against man-in-the-middle attacks/session hijacking and the insertion of false information into sessions. ... |
| V-234406 | | The UEM server must invalidate session identifiers upon user logout or other session termination. | Captured sessions can be reused in "replay" attacks. This requirement limits the ability of adversaries from capturing and continuing to employ previo... |
| V-234407 | | The UEM server must recognize only system-generated session identifiers. | Applications utilize sessions and session identifiers to control application behavior and user access. If an attacker can guess the session identifier... |
| V-234409 | | The UEM server must fail to a secure state if system initialization fails, shutdown fails, or aborts fail. | Failure to a known safe state helps prevent systems from failing to a state that may cause loss of data or unauthorized access to system resources. Ap... |
| V-234410 | | In the event of a system failure, the UEM server must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. | Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure s... |
| V-234421 | | The UEM server must check the validity of all data inputs. | Invalid user input occurs when a user inserts data or characters into an application's data entry fields and the application is unprepared to process ... |
| V-234424 | | The UEM server must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | Any application providing too much information in error messages risks compromising the data and security of the application and system. The structure... |
| V-234425 | | The UEM server must reveal error messages only to the Information System Security Manager (ISSM) and Information System Security Officer (ISSO). | Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational st... |
| V-234430 | | The application must notify the Information System Security Manager (ISSM) and Information System Security Officer (ISSO) of failed security verification tests. | If personnel are not notified of failed security verification tests, they will not be able to take corrective action and the unsecure condition(s) wil... |
| V-234438 | | The UEM server must notify system administrators (SAs) and the information system security officer (ISSO) when accounts are created. | Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to... |
| V-234439 | | The UEM server must notify system administrators (SAs) and the information system security officer (ISSO) when accounts are modified. | When application accounts are modified, user accessibility is affected. Accounts are utilized for identifying individual users or for identifying the ... |
| V-234440 | | The UEM server must notify system administrators (SAs) and the information system security officer (ISSO) for account disabling actions. | When application accounts are disabled, user accessibility is affected. Accounts are utilized for identifying individual users or for identifying the ... |
| V-234441 | | The UEM server must notify system administrators (SAs) and the information system security officer (ISSO) for account removal actions. | When application accounts are removed, user accessibility is affected. Accounts are utilized for identifying users or for identifying the application ... |
| V-234442 | | The UEM server must automatically terminate a user session after an organization-defined period of user inactivity. | Automatic session termination addresses the termination of user-initiated logical sessions in contrast to the termination of network connections that ... |
| V-234443 | | The UEM server must provide logout capability for user-initiated communication sessions. | If a user cannot explicitly end an application session, the session may remain open and be exploited by an attacker; this is referred to as a zombie s... |
| V-234444 | | The UEM server must display an explicit logout message to users indicating the reliable termination of authenticated communications sessions. | If a user cannot explicitly end an application session, the session may remain open and be exploited by an attacker; this is referred to as a zombie s... |
| V-234465 | | The UEM server must automatically audit account-enabling actions. | Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to... |
| V-234466 | | The UEM server must notify system administrator (SA) and information system security officer (ISSO) of account enabling actions. | Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to... |
| V-234475 | | The UEM server must be configured to have at least one user in defined administrator roles. | Having several administrative roles for the UEM server supports separation of duties. This allows administrator-level privileges to be granted granula... |
| V-234489 | | The UEM server must audit the execution of privileged functions. | Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromise... |
| V-234491 | | The UEM server must automatically lock the account until the locked account is released by an administrator when three unsuccessful login attempts in 15 minutes are exceeded. | By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, ... |
| V-234500 | | The UEM server must be configured to transfer UEM server logs to another server for storage, analysis, and reporting. Note: UEM server logs include logs of UEM events and logs transferred to the UEM server by UEM agents of managed devices. | Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information s... |
| V-234516 | | The UEM server must be configured to record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generate... |
| V-234517 | | The UEM server must be configured to record time stamps for audit records that meet a granularity of one second for a minimum degree of precision. | Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated ... |
| V-234520 | | The UEM server must prohibit user installation of software by an administrator without the appropriate assigned permission for software installation. | Allowing regular users to install software, without explicit privileges, creates the risk that untested or potentially malicious software will be inst... |
| V-234521 | | The UEM server must be configured to only allow enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications. | If the application install policy is not enforced, malicious applications and vulnerable applications can be installed on managed mobile devices, whic... |
| V-234523 | | The UEM server must enforce access restrictions associated with changes to the server configuration. | Failure to provide logical access restrictions associated with changes to application configuration may have significant effects on the overall securi... |
| V-234524 | | The UEM server must audit the enforcement actions used to restrict access associated with changes to the application. | Without auditing the enforcement of access restrictions against changes to the application configuration, it will be difficult to identify attempted a... |
| V-234526 | | The UEM server must disable organization-defined functions, ports, protocols, and services (within the application) deemed unnecessary and/or non-secure. | Removal of unneeded or non-secure functions, ports, protocols, and services mitigates the risk of unauthorized connection of devices, unauthorized tran... |
| V-234543 | | The UEM server must prohibit the use of cached authenticators after an organization-defined time period. | If cached authentication information is out-of-date, the validity of the authentication information may be questionable. According to the CNSS 1253, ... |
| V-234544 | | The UEM server, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network. | Without configuring a local cache of revocation data, there is the potential to allow access to users who are no longer authorized (users with revoked... |
| V-234556 | | The UEM server must verify remote disconnection when non-local maintenance and diagnostic sessions are terminated. | If the remote connection is not closed and verified as closed, the session may remain open and be exploited by an attacker; this is referred to as a z... |
| V-234573 | | The UEM server must only allow the use of DoD PKI established certificate authorities for verification of the establishment of protected sessions. | Untrusted Certificate Authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DoD syst... |
| V-234574 | | The UEM server must be configured to use X.509v3 certificates for code signing for system software updates. | It is critical that the UEM server validate code signing certificates for key activities such as code signing for system software updates, code signin... |
| V-234575 | | The UEM server must be configured to use X.509v3 certificates for code signing for integrity verification. | It is critical that the UEM server validate code signing certificates for key activities such as code signing for system software updates, code signin... |
| V-234596 | | The UEM server must be configured to write to the server event log when invalid inputs are received. | A common vulnerability of applications is unpredictable behavior when invalid inputs are received. This requirement guards against adverse or unintend... |
| V-234603 | | The UEM server must remove old software components after updated versions have been installed. | Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by advers... |
| V-234622 | | The UEM server must be configured with the periodicity of the following commands to the agent of six hours or less: - query connectivity status - query the current version of the managed device firmware/software - query the current version of installed mobile applications - read audit logs kept by the managed device. | Without verification, security functions may not operate correctly and this failure may go unnoticed. Security function is defined as the hardware, ... |
| V-234623 | | The UEM server must run a suite of self-tests during initial start-up (power on) to demonstrate correct operation of the server. | Without verification, security functions may not operate correctly and this failure may go unnoticed. Security function is defined as the hardware, ... |
| V-234624 | | The UEM server must alert the system administrator when anomalies in the operation of security functions are discovered. | If anomalies are not acted upon, security functions may fail to secure the system. Security function is defined as the hardware, software, and/or fi... |
| V-234629 | | The UEM server must be configured to verify software updates to the server using a digital signature mechanism prior to installing those updates. | Unauthorized modifications to software or firmware may be indicative of a sophisticated, targeted cyber-attack. Cryptographic authentication includes,... |
| V-234642 | | The UEM server must generate audit records when successful/unsuccessful attempts to access security objects occur. | Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and in... |
| V-234645 | | The UEM server must generate audit records when successful/unsuccessful attempts to modify privileges occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234646 | | The UEM server must generate audit records when successful/unsuccessful attempts to modify security objects occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234649 | | The UEM server must generate audit records when successful/unsuccessful attempts to delete privileges occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234651 | | The UEM server must generate audit records when successful/unsuccessful attempts to delete security objects occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234653 | | The UEM server must generate audit records when successful/unsuccessful logon attempts occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234654 | | The UEM server must generate audit records for privileged activities or other system-level access. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234655 | | The UEM server must generate audit records showing starting and ending time for user access to the system. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234656 | | The UEM server must generate audit records when concurrent logons from different workstations occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234657 | | The UEM server must generate audit records when successful/unsuccessful accesses to objects occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234658 | | The UEM server must generate audit records for all direct access to the information system. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234659 | | The UEM server must generate audit records for all account creations, modifications, disabling, and termination events. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-234665 | | The UEM server must, at a minimum, off-load audit logs of interconnected systems in real time and off-load standalone systems weekly. | Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information s... |
| V-234666 | | The UEM server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | Configuring the application to implement organization-wide security implementation guides and security checklists ensures compliance with federal stan... |
| V-234667 | | The UEM server must be configured to allow authorized administrators to read all audit data from audit records on the server. | Successful incident response and auditing relies on timely, accurate system information and analysis in order to allow the organization to identify an... |
| V-234669 | | The UEM server must be configured to prohibit client negotiation to TLS 1.1, TLS 1.0, SSL 2.0, or SSL 3.0. | Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that explo... |
| V-234673 | | The UEM server must authenticate endpoint devices (servers) before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based. | Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Bidirectional authenticati... |
| V-234674 | | If cipher suites using pre-shared keys are used for device authentication, the UEM server must have a minimum security strength of 112 bits or higher. | Pre-shared keys are symmetric keys that are already in place prior to the initiation of a Transport Layer Security (TLS) session (e.g., as the result ... |
| V-234676 | | The UEM server must validate certificates used for Transport Layer Security (TLS) functions by performing RFC 5280-compliant certification path validation. | A certificate's certification path is the path from the end entity certificate to a trusted root certification authority (CA). Certification path vali... |
| V-234312 | | The UEM server must retain the access banner until the user acknowledges acceptance of the access conditions. | The banner must be acknowledged by the user prior to allowing the user access to the application. This provides assurance that the user has seen the m... |
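V-234516 and V-234517 above require audit time stamps that can be mapped to UTC and that carry at least one-second granularity. The Python below is an added example, not text or code from the SRG or from any UEM product: it validates audit-record lines against those two rules, maps every passing stamp to UTC so records from differently configured sources can be ordered, and renders a compliant stamp. The sample records are constructed for the illustration, and the record layout (time stamp, one space, then the message) is an assumption of the example.

```python
import re
from datetime import datetime, timedelta, timezone

# Accepts 2024-03-05T10:15:32Z or 2024-03-05T10:15:32.250+05:30: seconds and an explicit offset required.
_TS_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2})T(?P<time>\d{2}:\d{2}:\d{2})"
    r"(?P<frac>\.\d{1,6})?(?P<tz>Z|[+-]\d{2}:\d{2})$"
)
# Hours and minutes only: parses, but fails the one-second granularity rule.
_MINUTE_RE = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}(Z|[+-]\d{2}:\d{2})?$")


def parse_audit_timestamp(ts):
    """Return (utc_datetime, None) for a compliant stamp, or (None, reason) describing the failure."""
    m = _TS_RE.match(ts)
    if not m:
        if _MINUTE_RE.match(ts):
            return None, "granularity coarser than one second"
        return None, "no explicit UTC offset (or unparseable)"
    dt = datetime.strptime(m["date"] + "T" + m["time"], "%Y-%m-%dT%H:%M:%S")
    if m["frac"]:
        dt = dt.replace(microsecond=int((m["frac"][1:] + "000000")[:6]))
    tz = m["tz"]
    if tz == "Z":
        offset = timedelta(0)
    else:
        sign = 1 if tz[0] == "+" else -1
        offset = sign * timedelta(hours=int(tz[1:3]), minutes=int(tz[4:6]))
    return dt.replace(tzinfo=timezone(offset)).astimezone(timezone.utc), None


def format_audit_timestamp(dt):
    """Render an aware datetime in UTC at one-second granularity, e.g. 2024-03-05T10:15:31Z."""
    if dt.tzinfo is None:
        raise ValueError("naive datetime cannot be mapped to UTC")
    return dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def audit_timestamp_report(records):
    """Check 'timestamp message' lines; return (records ordered by UTC time, findings)."""
    ordered, findings = [], []
    for lineno, line in enumerate(records, 1):
        ts, _, message = line.partition(" ")
        dt, reason = parse_audit_timestamp(ts)
        if reason:
            findings.append((lineno, ts, reason))
        else:
            ordered.append((dt, message))
    ordered.sort(key=lambda rec: rec[0])  # order is only meaningful after mapping everything to UTC
    return ordered, findings


# Constructed sample records for the demo (not real UEM output).
SAMPLE_RECORDS = [
    "2024-03-05T10:15:32Z admin login success from 10.0.0.5",
    "2024-03-05T15:45:31+05:30 admin policy change: require-passcode",  # 10:15:31Z, precedes line 1
    "2024-03-05T10:16Z agent check-in device=ABC123",                   # no seconds field
    "2024-03-05T10:17:02 agent check-in device=DEF456",                 # no offset: cannot map to UTC
    "2024-03-05T10:17:03.250-05:00 admin logout",                       # 15:17:03.250Z
]
```

Run `audit_timestamp_report(SAMPLE_RECORDS)`: lines 3 and 4 are reported, and the surviving records come back in UTC order, which puts the +05:30 policy change before the login even though its wall-clock reading is later. A stamp without an offset is treated as a failure rather than assumed to be local time, because that assumption is exactly what makes cross-source forensic ordering unreliable.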
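V-234544 above requires a local cache of revocation data so that certification path validation can continue when the CRL distribution point or OCSP responder cannot be reached. The Python below is an added example and not code from the SRG or from a UEM product. It models the policy decision rather than CRL parsing: `CachedCrl`, `RevocationCache`, the `fetch_crl` callable and `FakeDistributionPoint` are all constructed for this illustration, and the issuer name and serial numbers are made up. The local copy is refreshed on every successful fetch, consulted only when the fetch fails, and refused once the CRL's nextUpdate plus an organization-defined grace period has passed, so the outcome is fail-closed rather than a silent acceptance of stale data.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

REVOKED, GOOD = "revoked", "good"


@dataclass(frozen=True)
class CachedCrl:
    """Stand-in for a parsed CRL: issuer, validity window and the revoked serial numbers."""
    issuer: str
    this_update: datetime
    next_update: datetime
    revoked_serials: frozenset


class RevocationCache:
    """Revocation lookup that prefers fresh data and falls back to a local copy when the network fails.

    fetch_crl(issuer) returns a CachedCrl or raises OSError when the distribution point is unreachable.
    grace is the organization-defined period past next_update during which a cached CRL is still used.
    clock is injectable so the expiry policy can be exercised without waiting.
    """

    def __init__(self, fetch_crl, grace=timedelta(0), clock=None):
        self._fetch = fetch_crl
        self._grace = grace
        self._clock = clock or (lambda: datetime.now(timezone.utc))
        self._crls = {}

    def _current_crl(self, issuer):
        try:
            crl = self._fetch(issuer)
        except OSError:
            crl = self._crls.get(issuer)
            if crl is None:
                raise LookupError(f"no revocation data for {issuer}: network down and nothing cached")
            if self._clock() > crl.next_update + self._grace:
                raise LookupError(f"cached CRL for {issuer} expired at {crl.next_update:%Y-%m-%dT%H:%M:%SZ}")
            return crl, "cache"
        self._crls[issuer] = crl  # every successful fetch refreshes the local copy
        return crl, "network"

    def status(self, issuer, serial):
        """Return (status, source); raise LookupError rather than guess when no usable CRL exists."""
        crl, source = self._current_crl(issuer)
        return (REVOKED if serial in crl.revoked_serials else GOOD), source


class FakeDistributionPoint:
    """Constructed stand-in for a CRL distribution point; flip .online to simulate an outage."""

    def __init__(self, crl):
        self.crl = crl
        self.online = True

    def __call__(self, issuer):
        if not self.online:
            raise OSError("CRL distribution point unreachable")
        return self.crl


def demo():
    """Walk the three states: fresh from network, served from cache, cache too stale to use."""
    t0 = datetime(2024, 3, 5, 10, 0, tzinfo=timezone.utc)
    now = [t0]  # mutable so the closure below acts as a settable clock
    crl = CachedCrl("CN=Example Issuing CA", t0, t0 + timedelta(hours=24),
                    frozenset({0x1A2B, 0x3C4D}))  # made-up issuer and serials
    dp = FakeDistributionPoint(crl)
    cache = RevocationCache(dp, grace=timedelta(hours=1), clock=lambda: now[0])

    outcomes = [cache.status(crl.issuer, 0x1A2B)]  # ('revoked', 'network')
    dp.online = False
    outcomes.append(cache.status(crl.issuer, 0x5E6F))  # ('good', 'cache')
    now[0] = t0 + timedelta(hours=25, minutes=30)  # beyond next_update + grace
    try:
        cache.status(crl.issuer, 0x5E6F)
        outcomes.append("accepted stale CRL")
    except LookupError:
        outcomes.append("rejected stale CRL")
    return outcomes
```

In a real implementation the `CachedCrl` fields come from the parsed CRL itself (the thisUpdate and nextUpdate fields and the revoked-certificate list), and the cached copy's signature is verified against the issuer's key before it is trusted, exactly as a freshly fetched one would be. The grace period is the one parameter the organization chooses; setting it to zero means a single missed refresh after nextUpdate blocks authentication, which is the safer failure for a server that authenticates privileged administrators.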
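V-234669 above prohibits client negotiation down to TLS 1.1, TLS 1.0, SSL 2.0 or SSL 3.0. The Python below is an added example, not configuration from the SRG or from a UEM product: a hardened `ssl` server context pinned to TLS 1.2 and newer, a deliberately unpinned context beside it, and an `audit_protocol_floor` check that reports which of the two would fail the requirement. The function names are this example's own, and `certfile`/`keyfile` are placeholders for whatever the server actually loads.

```python
import ssl


def hardened_server_context(certfile=None, keyfile=None):
    """TLS server context whose floor is TLS 1.2: TLS 1.0/1.1 and SSL 3.0 can no longer be negotiated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if certfile:  # placeholder paths; the example never loads a real key pair
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def legacy_server_context():
    """Deliberately weak: the floor is whatever the linked OpenSSL build and its openssl.cnf allow."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def audit_protocol_floor(ctx):
    """Return a list of findings; an empty list means the context satisfies the version requirement."""
    findings = []
    floor = ctx.minimum_version
    if floor == ssl.TLSVersion.MINIMUM_SUPPORTED:
        findings.append("minimum_version not pinned; floor depends on the OpenSSL build and openssl.cnf")
    elif floor < ssl.TLSVersion.TLSv1_2:
        findings.append(f"minimum_version is {floor.name}; must be TLSv1_2 or higher")
    ceiling = ctx.maximum_version
    if ceiling != ssl.TLSVersion.MAXIMUM_SUPPORTED and ceiling < ssl.TLSVersion.TLSv1_2:
        findings.append(f"maximum_version is {ceiling.name}, which forces a prohibited version")
    return findings
```

Inspecting the context only proves what the process asked OpenSSL for. Confirm the result from outside with a negotiation probe such as `openssl s_client -connect host:port -tls1_1`, which must fail against a compliant server. SSL 2.0 is not selectable through the `ssl` module on current OpenSSL builds, which is why the audit does not name it.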