STIGQter: STIG Summary: Google Android 10.x Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

Google Android 10 must be configured to generate audit records for the following auditable events: detected integrity violations.

DISA Rule

SV-108063r1_rule

Vulnerability Number

V-98959

Group Title

PP-MDF-301420

Rule Version

GOOG-10-006100

Severity

CAT III

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

10

Fix Recommendation

Configure the Google Android device to generate audit records for the following auditable events: detected integrity violations.

On the MDM console, do the following:

On the MDM Console:
1. Go to Policy management.
2. Enable Security Logging.

Check Contents

Review Google Android device configuration settings to determine if the mobile device is configured to generate audit records for the following auditable events: detected integrity violations.

This validation procedure is performed only on the MDM Administration Console.

On the MDM console, do the following:
1. Go to Policy management.
2. Confirm Security Logging is enabled.

If the MDM console device policy is not set to enable security logging, this is a finding.

Vulnerability Number

V-98959

Documentable

False

Rule Version

GOOG-10-006100

Severity Override Guidance

Review Google Android device configuration settings to determine if the mobile device is configured to generate audit records for the following auditable events: detected integrity violations.

This validation procedure is performed only on the MDM Administration Console.

On the MDM console, do the following:
1. Go to Policy management.
2. Confirm Security Logging is enabled.

If the MDM console device policy is not set to enable security logging, this is a finding.

Check Content Reference

M

Target Key

3581

Comments