The BlackBerry UEM server must [selection: invoke platform-provided functionality, implement functionality] to generate an audit record of the following auditable events: c. [selection: Commands issued to the MDM Agent].

An XCCDF Rule

Description

<VulnDiscussion>Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. SFR ID: FAU_GEN.1.1(1)</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-224371r604136_rule
Severity: Low
References: CCI-000366
Updated: about 1 year ago

On the BlackBerry UEM, do the following:
1. On the menu bar, click Settings >> Infrastructure >> Audit settings.
2. In the right pane, click the edit icon.
3. To add security events to audit, click + . Select the events and click Add.
4. Select each "Command" event (Command delivered, Command sent).
5. In the Setting column, select "all" for the "Command delivered" event. 6. Click Save.
Note: For audit record fields for server audits, include: Commands sent to the device.

The BlackBerry UEM server must [selection: invoke platform-provided functionality, implement functionality] to generate an audit record of the following auditable events: c. [selection: Commands issued to the MDM Agent].

Description

Remediation - Manual Procedure