STIGQter STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must configure web management tools with FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions.

DISA Rule

SV-234555r617355_rule

Vulnerability Number

V-234555

Group Title

SRG-APP-000412

Rule Version

SRG-APP-000412-UEM-000283

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Configure the UEM server web management tools with a FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions.

Check Contents

Verify the UEM server web management tools use a FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions.

If the UEM server web management tools do not use FIPS-validated Advanced Encryption Standard (AES) cipher block algorithms to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions, this is a finding.

Vulnerability Number

V-234555

Documentable

False

Rule Version

SRG-APP-000412-UEM-000283

Severity Override Guidance

Verify the UEM server web management tools use a FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions.

If the UEM server web management tools do not use FIPS-validated Advanced Encryption Standard (AES) cipher block algorithms to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions, this is a finding.

Check Content Reference

M

Target Key

5269

Comments