STIGQter: STIG Summary: BlackBerry UEM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The BlackBerry UEM server must connect to [assignment: [SQL Server]] with an authenticated and secure (encrypted) connection to protect the confidentiality and integrity of transmitted information.

DISA Rule

SV-224386r604136_rule

Vulnerability Number

V-224386

Group Title

PP-MDM-431009

Rule Version

BUEM-00-200060

Severity

CAT II

CCI(s)

• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.
• CCI-002420 - The information system maintains the confidentiality and/or integrity of information during preparation for transmission.
• CCI-002421 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.
• CCI-002422 - The information system maintains the confidentiality and/or integrity of information during reception.

Weight

10

Fix Recommendation

Confirm the Administrator has configured the SQL server to connect to UEM using the TLS connection.

Check Contents

Talk to the site UEM Administrator to confirm the SQL server has been configured to connect to UEM using the TLS connection or confirm during a review of the SQL server.

If the SQL server has not been configured to connect to UEM using the TLS connection, this is a finding.

Vulnerability Number

V-224386

Documentable

False

Rule Version

BUEM-00-200060

Severity Override Guidance

Talk to the site UEM Administrator to confirm the SQL server has been configured to connect to UEM using the TLS connection or confirm during a review of the SQL server.

If the SQL server has not been configured to connect to UEM using the TLS connection, this is a finding.

Check Content Reference

M

Target Key

4134

Comments