Mobile OS device integrity tool scans must be reviewed daily by the system administrator or IAO (or continuously by a server).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-30568 | WIR-MOS-AND-045-04 | SV-40290r1_rule | ECWN-1 | Medium |
| Description |
|---|
| If mitigation actions identified by the Mobile OS device integrity tool are not implemented, DoD data and the enclave could be at risk of being compromised. |
| STIG | Date |
|---|---|
| Android 2.2 (Dell) Security Technical Implementation Guide | 2014-08-26 |
Details
| Check Text ( C-39136r1_chk ) |
|---|
| Interview the system administrator and IOA. Determine if the Fixmo Sentinel tool scan results are being reviewed daily by the system administrator or IAO. Determine how the site documents this action. Note: At this time, the Sentinel server cannot automatically review scan results from the device application and alert the administrator if there are events. Mark as a finding if Fixmo Sentinel tool scan results are not reviewed daily by the system administrator or IAO. |
| Fix Text (F-34283r1_fix) |
|---|
| Implement required mitigation actions. |