Navigate

Check: SRG-MPOL-047

Mobile Policy SRG: SRG-MPOL-047 (in version v1 r2)

Title

The organization must store and maintain a configuration baseline of each CMD, including application software. (Cat II impact)

Discussion

An integrity baseline scan must be maintained, so the baseline can be compared to any subsequent scan to identify any anomalies or determine if there are any security vulnerability trends or compromises to the system.

Check Content

Verify the security personnel or system administrator is maintaining an integrity baseline scan of the mobile device operating system and applications. If an integrity baseline is not maintained, this is a finding.

Fix Text

Maintain an integrity system baseline of the mobile device.

Additional Identifiers

Rule ID:

Vulnerability ID: V-35965

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001334	The organization requires that unclassified mobile devices used in facilities containing information systems processing, storing, or transmitting classified information and the information stored on those devices be subject to random reviews and inspections by organization-defined security officials.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-19 (4)	Restrictions For Classified Information