The Samsung SDS EMM must be configured to communicate the following commands to the MDM Agent: read audit logs kept by the MD.

An XCCDF Rule

Details
Profiles

Description

Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. SFR ID: FMT_SMF.1.1(1) #19

ID: SV-225641r588007_rule
Version: SSDS-00-000110
Severity: Medium
References: CCI-000366
Updated: 5 days ago

Remediation Templates

Use the following instructions to verify the command has been configured to read audits to the MDM Agent on the SDS EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Event. 
3. Select all audit events with audit type of "Device" and click the "Save" button.

The Samsung SDS EMM must be configured to communicate the following commands to the MDM Agent: read audit logs kept by the MD.

Description

Remediation Templates

A Manual Procedure