The UEM server must retain the access banner until the user acknowledges acceptance of the access conditions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-234312 | SRG-APP-000069-UEM-000038 | SV-234312r960846_rule | CCI-000050 | low |
| Description | ||||
| The banner must be acknowledged by the user prior to allowing the user access to the application. This provides assurance that the user has seen the message and accepted the conditions for access. If the consent banner is not acknowledged by the user, DoD will not be in compliance with system use notifications required by law. To establish acceptance of the application usage policy, a click-through banner at application logon is required. The application must prevent further activity until the user executes a positive action to manifest agreement by clicking on a box indicating "OK". Satisfies:FTA_TAB.1.1 Reference:PP-MDM-413003 | ||||
| STIG | Date | |||
| Unified Endpoint Management Server Security Requirements Guide | 2024-12-09 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-8
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.1.9
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000050
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-234312r960846_chk)
Verify the UEM server retains the access banner until the user acknowledges acceptance of the access conditions.
If the UEM server does not retain the access banner until the user acknowledges acceptance of the access conditions, this is a finding.
Fix Text (F-37462r613947_fix)
Configure the UEM server to retain the access banner until the user acknowledges acceptance of the access conditions.