OpenControls Logo

STIG Viewer

The UEM server must be configured to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: -IPsec, -SSH, -TLS, -HTTPS].

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-234391SRG-APP-000191-UEM-000118SV-234391r1035568_ruleCCI-004750medium
Description
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Nonlocal maintenance and diagnostic activities are activities conducted by individuals communicating through either an external network (e.g., the internet) or an internal network. Satisfies: FTP_TRP.1.1(1) Refinement
STIGDate
Unified Endpoint Management Server Security Requirements Guide2024-12-09

Related Frameworks

2 paths across 2 frameworks
NIST 800-531 mapping
SA-8(18)
1.00
  • DISA · 2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-004750
1.00
  • DISA · 2 · disa_xccdf · related

Details

Check Text (C-234391r1035568_chk)

Verify the UEM server invokes either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: -IPsec, -SSH, -TLS, -HTTPS]. If the UEM server does not invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: -IPsec, -SSH, -TLS, -HTTPS], this is a finding.

Fix Text (F-37541r1001237_fix)

Configure the UEM server to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: -IPsec, -SSH, -TLS, -HTTPS].