The UEM server must be configured to produce audit records containing information to establish where the events occurred.

An XCCDF Rule

Details
Profiles

Description

Failure to generate these audit records makes it more difficult to identify or investigate attempted or successful compromises, potentially causing incidents to last longer than necessary. Satisfies:FAU_GEN.1.2(1) Reference:PP-MDM-412060

ID: SV-234330r960897_rule
Version: SRG-APP-000097-UEM-000057
Severity: Medium
References: CCI-000132
Updated: about 2 months ago

Remediation Templates

Configure the UEM server to be configured to produce audit records containing information to establish where the events occurred.

The UEM server must be configured to produce audit records containing information to establish where the events occurred.

Description

Remediation Templates

A Manual Procedure