STIGQter STIGQter: STIG Summary: Unified Endpoint Management Agent Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM Agent must be configured to perform one of the following actions upon an attempt to unenroll the mobile device from management: -prevent the unenrollment from occurring -wipe the device to factory default settings -wipe the work profile with all associated applications and data.

DISA Rule

SV-234247r617393_rule

Vulnerability Number

V-234247

Group Title

SRG-APP-000516

Rule Version

SRG-APP-000516-UEM-100011

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the UEM Agent to perform one of the following actions upon an attempt to unenroll the mobile device from management:
-prevent the unenrollment from occurring
-wipe the device to factory default settings
-wipe the work profile with all associated applications and data.

Check Contents

Verify the UEM Agent performs one of the following actions upon an attempt to unenroll the mobile device from management:
-prevent the unenrollment from occurring
-wipe the device to factory default settings
-wipe the work profile with all associated applications and data.

If the UEM Agent does not perform one of the following actions upon an attempt to unenroll the mobile device from management:
-prevent the unenrollment from occurring
-wipe the device to factory default settings
-wipe the work profile with all associated applications and data
this is a finding.

Vulnerability Number

V-234247

Documentable

False

Rule Version

SRG-APP-000516-UEM-100011

Severity Override Guidance

Verify the UEM Agent performs one of the following actions upon an attempt to unenroll the mobile device from management:
-prevent the unenrollment from occurring
-wipe the device to factory default settings
-wipe the work profile with all associated applications and data.

If the UEM Agent does not perform one of the following actions upon an attempt to unenroll the mobile device from management:
-prevent the unenrollment from occurring
-wipe the device to factory default settings
-wipe the work profile with all associated applications and data
this is a finding.

Check Content Reference

M

Target Key

5262

Comments