Title

Mobile OS device integrity tool scans must be reviewed daily by the system administrator or IAO (or continuously by a server). (Cat II impact)

Discussion

If mitigation actions identified by the Mobile OS device integrity tool are not implemented, DoD data and the enclave could be at risk of being compromised.

Check Content

Interview the system administrator and IOA. Determine if the Fixmo Sentinel tool scan results are being reviewed daily by the system administrator or IAO. Determine how the site documents this action. Note: At this time, the Sentinel server cannot automatically review scan results from the device application and alert the administrator if there are events. Mark as a finding if Fixmo Sentinel tool scan results are not reviewed daily by the system administrator or IAO.

Fix Text

Implement required mitigation actions.

Additional Identifiers

Rule ID: SV-40290r1_rule

Vulnerability ID: V-30568

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.