CylancePROTECT Mobile must be configured with the following Android security patch compliance and hardware certificate attestation controls: -"Android hardware attestation frequency" = 6 hours -"Device grace period" = 0 hours -"Challenge frequency for noncompliant devices" = 6 hours.

An XCCDF Rule

Description

The required application configurations will ensure that the minimum security baseline of the system is maintained to limit exposure of sensitive data and unauthorized access to the mobile device.

ID: SV-257267r940014_rule
Version: BBCP-00-013300
Severity: Medium
References: CCI-000366
Updated: 24 days ago

Remediation Templates

Configure the following  Android security patch compliance and hardware certificate attestation controls:
-"Android hardware attestation frequency" = 6 hours.
-"Device grace period" = 3 days (72 hours).
-"Challenge frequency for noncompliant devices" =  1 day (24 hours).

1. Log on to the BlackBerry UEM console.2. In the management console, click Settings >> General Settings >> Attestation.
3. In the "Android hardware attestation frequency" section, select "Enable hardware patch level attestation challenges for Android devices" checkbox.
4. in the "Challenge frequency" drop-down list, set the device must return an attestation response to "1 day" (24 hours).
5. In the Device grace period drop-down list, set the grace period to "3 days" (72 hours).
6. In the Challenge frequency for noncompliant devices field, set  how often UEM tests the integrity of devices that are not currently in compliance to "6 hours".
7. Click "Save".

CylancePROTECT Mobile must be configured with the following Android security patch compliance and hardware certificate attestation controls: -"Android hardware attestation frequency" = 6 hours -"Device grace period" = 0 hours -"Challenge frequency for noncompliant devices" = 6 hours.

Description

Remediation Templates

A Manual Procedure