Mobile OS devices (smartphones / tablets) must have a device integrity validation tool baseline scan on file.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-30566 | WIR-MOS-AND-045-02 | SV-40283r1_rule | ECWN-1 | Medium |
| Description |
|---|
| The purpose of this scan is to determine if there has been an unexplained change in the mobile OS file system indicating the device has been compromised by malware or by rooting the device. A baseline scan provides a known good condition to compare with subsequent scans. A new baseline scan should be completed after the installation or removal of an application. |
| STIG | Date |
|---|---|
| Android 2.2 (Dell) Security Technical Implementation Guide | 2014-08-26 |
Details
| Check Text ( C-39129r1_chk ) |
|---|
| Interview the IAO and Android device Administrator. Verify Fixmo Sentinel baseline scans are on file for all site managed Android devices. Select 4-5 site managed Android devices to review. Have the IAO show the reviewer the baseline scan for each device using Sentinel Desktop or Sentinel server. Mark as a finding if a baseline scan is not available. |
| Fix Text (F-34279r1_fix) |
|---|
| Create baseline scans for each site managed mobile device. |