← Back to Zebra Android 11 COBO Security Technical Implementation Guide

V-252868

CAT II (Medium)

Zebra Android 11 must be configured to enable audit logging.

Rule ID

SV-252868r958754_rule

STIG

Zebra Android 11 COBO Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000366 CCI-000370 CCI-001851

Discussion

Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. To be useful, Administrators must have the ability to view the audit logs. SFR ID: FMT_SMF_EXT.1.1 #32

Check Content

Review documentation on the Zebra Android device and inspect the configuration on the Zebra Android device to enable audit logging.

This validation procedure is performed on only on the EMM Administration Console. 

On the EMM console, do the following:
1. Open "Device owner management" section.
2. Verify that "Enable security logging" is toggled to "On".

If the EMM console device policy is not set to enable audit logging, this is a finding.

Fix Text

Configure the Zebra Android 11 device to enable audit logging.

On the EMM console:
1. Open "Device owner management" section.
2. Toggle "Enable security logging" to "On".