Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Unified Endpoint Management Agent Security Requirements Guide
SRG-APP-000555
All UEM Agent cryptography supporting DoD functionality must be FIPS 140-2 validated.
All UEM Agent cryptography supporting DoD functionality must be FIPS 140-2 validated.
An XCCDF Rule
Details
Profiles
Prose
All UEM Agent cryptography supporting DoD functionality must be FIPS 140-2 validated.
High Severity
<VulnDiscussion>Unapproved cryptographic algorithms cannot be relied on to provide confidentiality or integrity, and DoD data could be compromised as a result. The most common vulnerabilities with cryptographic modules are those associated with poor implementation. FIPS 140-2 validation provides assurance that the relevant cryptography has been implemented correctly. FIPS 140-2 validation is also a strict requirement for use of cryptography in the federal government for protecting unclassified data. Satisfies: FCS Reference: PP-UEM-404200</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>