Samsung Android must be configured to enable audit logging.
An XCCDF Rule
Description
Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. They help identify attacks so that breaches can either be prevented or limited in their scope. They facilitate analysis to improve performance and security. SFR ID: FAU_GEN.1.1 #8
- ID
- SV-231040r608683_rule
- Version
- KNOX-11-018400
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure Samsung Android to enable audit logging.
On the management tool, in the device audit log section, set "Audit log" to "Enable".