Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-29525 | WIR-MOS-AND-040-03 | SV-38758r1_rule | ECWN-1 | Medium |
Description |
---|
The Bluetooth radio can be used by a hacker to connect to the smartphone without the knowledge of the user. Sensitive DoD data could be exposed and the hacker could use the device to attack the enclave. |
STIG | Date |
---|---|
Android 2.2 (Dell) Security Technical Implementation Guide | 2014-08-26 |
Check Text ( C-37825r1_chk ) |
---|
The Bluetooth Security Monitor application is used to only allow approved Bluetooth smart card readers (CAC readers) and Bluetooth headsets. (In late 2011, this configuration setting will be available in the Good server console.) Verify the Bluetooth Security Monitor application has been installed on the mobile OS device. -Have the system administrator show that Bluetooth Security Monitor application is in the list of installed applications on the device (Settings>Applications>Manage applications>All). Mark as a finding if Bluetooth Security Monitor application is not installed. |
Fix Text (F-33963r1_fix) |
---|
Install the required Bluetooth configuration application. |