Detections
Analytics

800-53|CM-6(1)

Title

AUTOMATED CENTRAL MANAGEMENT / APPLICATION / VERIFICATION

Description

The organization employs automated mechanisms to centrally manage, apply, and verify configuration settings for [Assignment: organization-defined information system components].

Reference Item Details

Related: CA-7,CM-4

Category: CONFIGURATION MANAGEMENT

Parent Title: CONFIGURATION SETTINGS

Family: CONFIGURATION MANAGEMENT

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIOS-12-001400 - Apple iOS must not include applications with the following characteristics: Voice dialing application if available when MD is locked.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-001400 - Apple iOS must not include applications with the following characteristics: Voice dialing application if available when MD is locked.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-001800 - Apple iOS must not display notifications when the device is locked.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-001800 - Apple iOS must not display notifications when the device is locked.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-003600 - Apple iOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-003600 - Apple iOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-004300 - Apple iOS must not allow backup to remote systems (iCloud Keychain).MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-004300 - Apple iOS must not allow backup to remote systems (iCloud Keychain).MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-004500 - Apple iOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams).MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-004500 - Apple iOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams).MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-005600 - Apple iOS must not allow non-DoD applications to access DoD data.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-005600 - Apple iOS must not allow non-DoD applications to access DoD data.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-010600 - Apple iOS must implement the management setting: limit Ad Tracking.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-010600 - Apple iOS must implement the management setting: limit Ad Tracking.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-010700 - Apple iOS must implement the management setting: not allow automatic completion of Safari browser passcodes.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-010700 - Apple iOS must implement the management setting: not allow automatic completion of Safari browser passcodes.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-010800 - Apple iOS must implement the management setting: Encrypt iTunes backups.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-010800 - Apple iOS must implement the management setting: Encrypt iTunes backups.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-010900 - Apple iOS must implement the management setting: not allow use of Handoff.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-010900 - Apple iOS must implement the management setting: not allow use of Handoff.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-011400 - Apple iOS device must have the latest available iOS operating system installed.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011400 - Apple iOS device must have the latest available iOS operating system installed.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-011600 - Apple iOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS Mail app.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011600 - Apple iOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS Mail app.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-011800 - Apple iOS must implement the management setting: not have any Family Members in Family Sharing.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011800 - Apple iOS must implement the management setting: not have any Family Members in Family Sharing.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-012200 - Apple iOS users must complete required training.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012200 - Apple iOS users must complete required training.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-012500 - Apple iOS must implement the management setting: enable USB Restricted Mode.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012500 - Apple iOS must implement the management setting: enable USB Restricted Mode.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-012600 - Apple iOS must not allow managed apps to write contacts to unmanaged contacts accounts.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012600 - Apple iOS must not allow managed apps to write contacts to unmanaged contacts accounts.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-012700 - Apple iOS must not allow unmanaged apps to read contacts from managed contacts accounts.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012700 - Apple iOS must not allow unmanaged apps to read contacts from managed contacts accounts.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-13-001400 - Apple iOS/iPadOS must not include applications with the following characteristics: Voice dialing application if available when MD is locked.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-001400 - Apple iOS/iPadOS must not include applications with the following characteristics: Voice dialing application if available when MD is locked.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-001800 - Apple iOS/iPadOS must not display notifications when the device is locked.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-001800 - Apple iOS/iPadOS must not display notifications when the device is locked.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-003600 - Apple iOS/iPadOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-003600 - Apple iOS/iPadOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-004300 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Keychain).MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-004300 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Keychain).MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-004500 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams).MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-004500 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams).MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-005600 - Apple iOS/iPadOS must not allow non-DoD applications to access DoD data.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-005600 - Apple iOS/iPadOS must not allow non-DoD applications to access DoD data.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-008900 - Apple iOS/iPadOS must implement the management setting: remove managed applications upon unenrollment from MDM (including sensitive and protected data).MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-008900 - Apple iOS/iPadOS must implement the management setting: remove managed applications upon unenrollment from MDM (including sensitive and protected data).MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1