Title

The UEM server must, when a component failure is detected, activate an organization-defined alarm and/or automatically shut down the application or the component. (Cat II impact)

Discussion

Predictable failure prevention requires organizational planning to address system failure issues. If components key to maintaining systems security fail to function, the system could continue operating in an insecure state. The organization must be prepared and the application must support requirements that specify if the application must alarm for such conditions and/or automatically shut down the application or the system. This can include conducting a graceful application shutdown to avoid losing information. Automatic or manual transfer of components from standby to active mode can occur, for example, upon detection of component failures.

Check Content

Verify the UEM server, when a component failure is detected, activates an organization-defined alarm and/or automatically shuts down the application or the component. If the UEM server, when a component failure is detected, does not activate an organization-defined alarm and/or automatically shut down the application or the component, this is a finding.

Fix Text

Configure the UEM server to activate an organization-defined alarm and/or automatically shut down the application or the component when a component failure is detected.

Additional Identifiers

Rule ID: SRG-APP-000268-UEM-000153_rule

Vulnerability ID: SRG-APP-000268-UEM-000153

Group Title: SRG-APP-000268-UEM-000153

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.