The Samsung SDS EMM must be configured to communicate the following commands to the MDM Agent: read audit logs kept by the MD.
An XCCDF Rule
Description
Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. SFR ID: FMT_SMF.1.1(1) #19
- ID
- SV-225641r588007_rule
- Version
- SSDS-00-000110
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Use the following instructions to verify the command has been configured to read audits to the MDM Agent on the SDS EMM server:
On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Event.
3. Select all audit events with audit type of "Device" and click the "Save" button.