{
"stig": {
"date": "2015-08-12",
"description": "BlackBerry OS 7.x.x STIG in XCCDF format",
"findings": {
"V-11865": {
"checkid": "C-12372r3_chk",
"checktext": "Detailed Policy Requirements:\n\nWhen the Password Keeper is enabled on the BlackBerry device, the AO must have reviewed and approved its use, and the application must be configured to enforce the following password rules.\n\nRequire use of eight or more characters. The Password Keeper must be configured to enforce this policy. \n\nSet the number of incorrect passwords entered before a device wipe occurs to 10 or less. The Password Keeper must be configured to enforce this policy. \n\nSet local policy to require a change of password at least every 90 days.\n\nCheck Requirements:\n\nInterview the ISSO.\n\nAsk if users are allowed to use Password Keeper on their handheld devices. \n\nIf Password Keeper is used:\n\nReview the AO approval documentation regarding this.\n\nWork with the ISSO to view the Password Keeper configuration on a sampling of BlackBerry devices using this application. On each BlackBerry, go to Applications/Password Keeper. The Password Keeper icon may also be installed directly on the BlackBerry home screen.\n\nVerify the following Password Keeper setting (have user log into Password Keeper, then click menu and select Options).\n\nVerify Random Password Length is set to 8 or more.\n\nVerify Password Attempts is set to 10 or less.\n\nVerify users are trained on password change requirement (90 days or less) by reviewing user agreement or training materials.\n\nIf Password Keeper is not authorized:\n\nReview a sample of site BlackBerry devices (2-3 devices) to verify Password Keeper is not installed: Settings >> Options >> Advanced >> Applications.\n\nReview the list of installed applications and confirm Password Keeper is not on the list.",
"description": "Password Keeper is a default BlackBerry application that can be installed on the BlackBerry handheld device. This application allows users to store passwords. The use of Password Keeper should be reviewed and approved by the local AO. Passwords are stored using 256-bit AES encryption using the BlackBerry FIPS 140-2 certified encryption module. Passwords in the Password Keeper can be copied and pasted into other applications but the password is unencrypted while it resides in the BlackBerry handheld device clipboard.",
"fixid": "F-23342r2_fix",
"fixtext": "When the Password Keeper is enabled on the BlackBerry device, the AO has reviewed and approved its use, and the application is configured as required.",
"iacontrols": [
"ECSC-1"
],
"id": "V-11865",
"ruleID": "SV-12364r3_rule",
"severity": "low",
"title": "When the Password Keeper is enabled on the BlackBerry device, the AO must review and approve its use, and the application must be configured as required.",
"version": "WIR1030-01 "
},
"V-11866": {
"checkid": "C-14985r3_chk",
"checktext": "Detailed Policy Requirements:\n\nWhen the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be\nfollowed:\n\nThe AO must approve the use of a Bluetooth smart card reader with command/site PCs.\n\nCheck Procedures:\n\nInterview the ISSO and wireless email system administrator. \n\nDetermine if use of the BlackBerry SCR with site PCs has been approved. If Yes, verify the following requirements are met:\n\nThe AO has approved the use of the BlackBerry SCR with site PCs. Have the ISSO provide documentation showing AO approval (letter, memo, SSP, etc.).",
"description": "Insecure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack.",
"fixid": "F-23344r1_fix",
"fixtext": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.\n",
"iacontrols": [
"ECWN-1"
],
"id": "V-11866",
"ruleID": "SV-12366r3_rule",
"severity": "low",
"title": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.",
"version": "WIR1040-02"
},
"V-11870": {
"checkid": "C-11491r4_chk",
"checktext": "Perform the following procedures on the BES and a sample of BlackBerry devices (use 2-3 devices for a random sample) as appropriate.\n\nCheck a sample of BlackBerry devices (Settings >> Options >> Advanced Options >> Applications) to ensure the METAmessage application is not loaded on the BlackBerry device.\n\nOn the BES, have the BlackBerry Administrator show that the BES Application White List does not contain the application. This review should be performed at the same time checks WIR1310-01, WIR1310-02, and WIR1310-03 are reviewed so work is not duplicated.\n\nView the list of applications assigned to 3-4 samples Application White List software configurations assigned to users. Verify METAmessage is not listed.\n\nThe METAmessage application allows the user to open and create Microsoft Office files, such as MS Word or Excel attachments or documents. These documents can then be sent via email, saved, or printed. This application presents a security risk and is not allowed for use in DoD. Verify this software application is not used by interviewing the ISSO or reviewing a sampling of the devices.",
"description": "Onset Technologies METAmessage software is production software which may introduce a virus or other malicious code on the system. This software is not approved for use on DoD systems.",
"fixid": "F-23346r1_fix",
"fixtext": "Remove Onset Technologies METAmessage software installed on DoD BlackBerry devices or on the BES.\n",
"iacontrols": [
"ECWN-1"
],
"id": "V-11870",
"ruleID": "SV-12370r3_rule",
"severity": "high",
"title": "Onset Technologies METAmessage software must not be installed on DoD BlackBerry devices or on the BES.\n",
"version": "WIR1050-01 "
},
"V-11871": {
"checkid": "C-14987r2_chk",
"checktext": "Perform the following steps on a sample of site BlackBerry devices (use 2-3 devices as a random sample), as appropriate, to verify users have the capability to sign and encrypt email.\n\nVerify S/MIME is configured such that users may sign messages.\n\nCheck a sample of BlackBerry devices:\n\n- Verify S/MIME application and Smart Card Reader drivers are installed on the device:\no On the BlackBerry go to Settings>Options>Advanced Options>Applications.\no Look for the following applications:\n---S/MIME Support Package\n---PIV Drivers (optional)\n---BlackBerry Smart Card Reader\n---DoD Root Certificates\n\n-Verify Certificates are configured on the BlackBerry:\n---Settings>Options>Security Options>Certificate Servers \u2013 GDS and OCSP servers should be\nlisted.\n---Settings>Options>Security Options>Certificate - DoD Root certificates should be listed.\n---Settings>Options>Security Options>S/MIME \u2013 User\u2019s public keys should be loaded.\n",
"description": "S/MIME provides the capability for users to send and receive S/MIME email messages from wireless email devices. S/MIME and digital signatures provide assurance that the message is authentic and is required by DoD policy. Reference the DoD CIO memorandum regarding interim guidance on the use of derived PKI credentials (2015-05-06 DoD Interim Guidance for Implementing Derived PKI Credentials on Unclass CMDs) for BlackBerry certificate configuration information.",
"fixid": "F-23347r2_fix",
"fixtext": "BlackBerry devices must be provisioned so users can digitally sign and encrypt emergency and/or critical email notifications. ",
"iacontrols": [
"ECSC-1"
],
"id": "V-11871",
"ruleID": "SV-12371r3_rule",
"severity": "low",
"title": "BlackBerry devices must be provisioned so users can digitally sign and encrypt email notifications or any other email required by DoD policy. ",
"version": "WIR1055-01 "
},
"V-11872": {
"checkid": "C-14988r1_chk",
"checktext": "Check a sample of BlackBerry devices (use 2-3 devices as a random sample):\n\n- Open the BlackBerry email folder.\n- Highlight the date line at the top of the list of messages.\n- Click the Menu button.\n- Select Options, then Email Settings.\n- Check the contents of \u201cAuto Signature\u201d text box to verify compliance.\n",
"description": "The disclaimer message may give information which may key an attacker in on the device. This is primarily an OPSEC issue. This setting was directed by the USCYBERCOM.",
"fixid": "F-23348r1_fix",
"fixtext": "If BlackBerry email auto signatures are used, the signature message does not disclose that the email originated from a BlackBerry or mobile device (e.g., \u201cSent From My Wireless Handheld\u201d).\n",
"iacontrols": [
"ECSC-1"
],
"id": "V-11872",
"ruleID": "SV-12372r2_rule",
"severity": "low",
"title": "If BlackBerry email auto signatures are used, the signature message must not disclose that the email originated from a BlackBerry or mobile device (e.g., \u201cSent From My Wireless Handheld\u201d). ",
"version": "WIR1060-01 "
},
"V-11875": {
"checkid": "C-11498r2_chk",
"checktext": "Complete the following procedures on a sample of site BlackBerry devices (2-3 devices), as appropriate.\n\n- Review a sample (3-4) of handheld devices and verify the Wireless Carrier\u2019s Internet browser icon, web portal browser icon, and all other browser icons (Yahoo, etc.) are not installed on the BlackBerry device. The only browser icon installed should be the BlackBerry browser icon. Go to the BlackBerry device Home screen and verify only the BlackBerry browser icon is present. \n\nSettings>Options>Advanced Options>Browser\n\nVerify the BlackBerry Browser is set as the default browser. \n",
"description": "The BlackBerry Browser forces all Internet browsing to go through the site internet gateway, which provides additional security over the carrier's browser.",
"fixid": "F-23351r1_fix",
"fixtext": "All Internet browsers must be disabled and removed from the BlackBerry device except for the BlackBerry Internet Browser.",
"iacontrols": [
"ECSC-1"
],
"id": "V-11875",
"ruleID": "SV-12375r2_rule",
"severity": "low",
"title": "All Internet browser icons must be disabled from the BlackBerry device except for the BlackBerry Internet Browser icon.\t\n",
"version": "WIR1075-01"
},
"V-19213": {
"checkid": "C-23150r3_chk",
"checktext": "Detailed Policy Requirements:\n\nBlackBerry Handheld Software must be version 7.1 or later on BlackBerry devices. Otherwise, this is a finding.\n\nCheck Procedures:\n\nVerify required BlackBerry Handheld Software version is being used.\n\nOn a sample of site BlackBerry devices (use 2-3 for random sampling) check the installed software version as follows: Select Settings >> Options >> About.",
"description": "Required security features are not available in earlier OS versions. In addition, there are known vulnerabilities in earlier versions.",
"fixid": "F-23343r2_fix",
"fixtext": "Update BlackBerry devices to the required operating system software version.",
"iacontrols": [
"ECWN-1"
],
"id": "V-19213",
"ruleID": "SV-21102r3_rule",
"severity": "medium",
"title": "BlackBerry devices must have required operating system software version installed.",
"version": "WIR1040-01"
},
"V-19227": {
"checkid": "C-23179r2_chk",
"checktext": "Verify the BlackBerry administrator has used the configuration settings list in Table 5, BlackBerry STIG Configuration Tables and check the following settings:\n\n-Device Name (this is checked in two locations)\n-Reader LED \u2013 Low Battery\n-Reader LED \u2013 Pairing\n-Reader LED \u2013 Traffic\n\nA sample of BlackBerry devices should be checked (use 2-3 devices as a random sample). Table 5, BlackBerry STIG Configuration Tables contains instructions on how to verify correct settings on a BlackBerry.\n",
"description": "These checks are related to a defense-in-depth approach for the BlackBerry, including ensuring the locked BlackBerry is not identified as a DoD BlackBerry and providing visual indicators when the Bluetooth radio is being used so users can verify they have initiated a Bluetooth connection attempt or if a hacker has initiated the connection.",
"fixid": "F-23352r1_fix",
"fixtext": "Security configuration settings on the BlackBerry devices managed by the site are compliant with requirements listed in Table 1, BlackBerry STIG Configuration Tables. \n",
"iacontrols": [
"ECWN-1"
],
"id": "V-19227",
"ruleID": "SV-21127r2_rule",
"severity": "low",
"title": "Security configuration settings on the BlackBerry devices managed by the site must be compliant with requirements listed in Table 5, BlackBerry STIG Configuration Tables. ",
"version": "WIR1080-01"
},
"V-19281": {
"checkid": "C-23326r3_chk",
"checktext": "If user software certificates are used on the BlackBerry instead of the CAC, verify the AO has approved their use (letter, memo, SSP, etc.).",
"description": "S/MIME provides the capability for users to send and receive S/MIME email messages from wireless email devices. S/MIME and digital signatures provide assurance that the message is authentic and is required by DoD policy. Reference the DoD CIO memorandum regarding interim guidance on the use of derived PKI credentials (2015-05-06 DoD Interim Guidance for Implementing Derived PKI Credentials on Unclass CMDs) for Blackberry BlackBerry certificate configuration information.",
"fixid": "F-23347r2_fix",
"fixtext": "BlackBerry devices must be provisioned so users can digitally sign and encrypt emergency and/or critical email notifications. ",
"iacontrols": [
"ECSC-1"
],
"id": "V-19281",
"ruleID": "SV-21197r3_rule",
"severity": "low",
"title": "BlackBerry devices must be provisioned so users can digitally sign and encrypt email notifications. ",
"version": "WIR1055-02"
},
"V-19311": {
"checkid": "C-23355r3_chk",
"checktext": "Detailed Policy Requirements:\n\nWhen the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be followed:\n\nAt the time of the publication of this document, the use of the BlackBerry SCR for authentication with PCs is only authorized with PCs that have Microsoft Windows XP. The Microsoft Vista and Windows 7 Bluetooth stack has not yet been tested with the BlackBerry SCR to determine if Bluetooth device pairing can be done in a secure manner and meets DoD security requirements.\n\nCheck Procedures:\n\nPerform the following checks on site PCs used with the BlackBerry Bluetooth SCR:\n\nInterview the ISSO and SA and verify the BlackBerry SCR is not used with Windows Vista and Windows 7. BlackBerry users with Vista or Windows 7 on their PCs must be put in the BlackBerry users group not authorized to use the BlackBerry SCR with their PCs.",
"description": "Non-secure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack.",
"fixid": "F-23344r1_fix",
"fixtext": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.\n",
"iacontrols": [
"ECSC-1"
],
"id": "V-19311",
"ruleID": "SV-21228r3_rule",
"severity": "medium",
"title": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.",
"version": "WIR1040-03"
},
"V-19312": {
"checkid": "C-23356r3_chk",
"checktext": "Detailed Policy Requirements:\n\nWhen the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be followed:\n\nThe PC must have the Bluetooth Lockdown tool installed and configured correctly. \n\nCheck Procedures:\n\nPerform the following checks on a sample (use 2-3 for random sample) of site PCs used with the BlackBerry Bluetooth SCR:\n\nVerify the Bluetooth Lockdown tool is installed and configured correctly:\n\nOn the PC, go to Start >> Control Panel >> Add or Remove Programs >> Select BlackBerry Smart Card Reader v1.5.1 and click the \"Change/Remove\" button.\n\nIn the first pop-up dialog box, click the \"Next\" button.\n\nIn the next dialog box, verify \"Modify\" is selected and click the \"Next\" button.\n\nIn the next dialog box, click the \"Next\" button.\n\nIn the next dialog box, (Restrict Bluetooth Functionality), verify the checkbox is checked.\n\nClick the \"Cancel\" button to cancel installation.",
"description": "Non-secure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack.",
"fixid": "F-23344r1_fix",
"fixtext": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.\n",
"iacontrols": [
"ECSC-1"
],
"id": "V-19312",
"ruleID": "SV-21229r3_rule",
"severity": "medium",
"title": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.",
"version": "WIR1040-04"
},
"V-19313": {
"checkid": "C-23357r3_chk",
"checktext": "Detailed Policy Requirements:\n\nWhen the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be\nfollowed:\n\nBluetooth radios installed in site PCs must be Class 2 or 3. Class 1 (100 mW) Bluetooth radios\nare not allowed.\n\nNote: ISSOs: To determine the \"class\" rating of the Bluetooth radio, look under the specification section of the Bluetooth Network Interface Card manual, which can be downloaded from the laptop vendor\u2019s web site or the Bluetooth dongle vendor\u2019s web site. Nearly all internal laptop Bluetooth radios are Class 2 or 3, and many Bluetooth dongle radios are Class 1.\n\nCheck Procedures:\n\nPerform the following checks on site PCs used with the BlackBerry Bluetooth SCR:\n\nInterview the ISSO to verify only Bluetooth Class 2 or 3 radios are used in site PCs.\n\nHave the ISSO or site BlackBerry Administrator show for a sample of PCs the Bluetooth radio is not a Class 1 radio by providing a copy of the Bluetooth radio specification sheet.",
"description": "Non-secure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack.",
"fixid": "F-23344r1_fix",
"fixtext": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.\n",
"iacontrols": [
"ECSC-1"
],
"id": "V-19313",
"ruleID": "SV-21230r3_rule",
"severity": "low",
"title": "BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.",
"version": "WIR1040-05"
},
"V-21949": {
"checkid": "C-26799r6_chk",
"checktext": "Detailed Policy Requirements:\n\nSite BlackBerry devices and SCRs must have required software versions installed.\n\nThe BlackBerry SCR hardware must be version 1 (model PRD-09695-004) or version 2 (model PRD-16951-001).\n\nBlackBerry SCR software package version 4.2.0.107 or later is required (Application version 4.2.0.107, Software platform 1.5.0.81).\n\nApriva Bluetooth SCR (BT200) driver v03-30-02 or later is required.\n\nBiometric Associates BaiMobile 3000MP SCR driver 0.1.3(19.07.13) or later.\n\nCheck Procedures:\n\nIf using the BlackBerry SCR:\n\nVerify required SCR model is used. The model number can be found under the battery.\n\nVerify required BlackBerry SCR software is being used. On a sample of BlackBerry SCRs (use 2-3 devices for random sample), press and hold the Action button until \"rEsetInG\" appears, and then read the Application version and Software platform version as they are displayed.\n\nIf using the Apriva SCR:\n\nOn the BlackBerry, press lower case v (as in Victor) to verify the version number of the Apriva Utility installed on the BlackBerry. On the BlackBerry, press lower case r (as in Romeo) to verify the version number of the Apriva driver installed on the Apriva SCR.\n\nIf using the Biometric Associates SCR:\n\nOn the BlackBerry, go to Settings >> Device >> Application Management >> baiSmartCardReader and verify the version number of the installed driver.\n\nIf the required driver is not installed, this is a finding.",
"description": "Required SCR security features are not available in earlier versions, and therefore Bluetooth vulnerabilities will not have been patched.",
"fixid": "F-11479r1_fix",
"fixtext": "Comply with DoD policy.",
"iacontrols": null,
"id": "V-21949",
"ruleID": "SV-25132r4_rule",
"severity": "low",
"title": "Required version of the BlackBerry Smart Card Reader (SCR) hardware must be used, and required versions of the drivers must be installed both on the BlackBerry and the SCR.",
"version": "WIR1040-06"
},
"V-22058": {
"checkid": "C-27007r2_chk",
"checktext": "Detailed Policy Requirement:\n\nBDM nor BWDM are required on BlackBerry users desktops, but if either are used, they must meet the following requirements:\n\n-For BDM, follow instructions found in USCYBERCOM IAVM Notice 2010-A-0132.\n\nIf BWDM is used, the BlackBerry Administration Server (BAS) must be configured for Microsoft Active Directory authentication on the BES.\n\nCheck Procedures:\n\nThe site can use either BlackBerry Desktop Manager or BlackBerry Web Desktop Manager or neither. Check a sample of BlackBerry user PCs (2-3). If BlackBerry Desktop Manager is used, verify the requirements found in USCYBERCOM IAVM Notice 2010-A-0132 have been followed. If BlackBerry Web Desktop Manager is used, no further action is required since the BES review will verify the BES has been configured for Microsoft Active Directory authentication in check WIR1355-01 (V-22102).\n",
"description": "The BWDM provides the capability for users to self provision their BlackBerry, and to synchronize the BlackBerrys to the BES. The BWDM works by providing a web client interface to the BlackBerry database via the BlackBerry Administrative Service (BAS). Users must log into the BAS to access the data service. The BAS is a private web server. CTO 0715rev 1 requires either CAC authentication or a complex 15-character password to log into DoD private web servers. DoD users must use their CAC for authentication to the BAS because they do not know their 256 character AD password.",
"fixid": "F-23324r1_fix",
"fixtext": "Configure BlackBerry Web Desktop Manager (BWDM) for CAC authentication, if used or use approved version of BlackBerry Desktop Manager.",
"iacontrols": [
"ECWN-1"
],
"id": "V-22058",
"ruleID": "SV-25495r3_rule",
"severity": "low",
"title": "BlackBerry Web Desktop Manager (BWDM) or BlackBerry Desktop Manager (BDM) must be configured as required. ",
"version": "WIR1095-01"
},
"V-26508": {
"checkid": "C-33857r2_chk",
"checktext": "Detailed Policy Requirements:\n\nThe following Bluetooth headset and handsfree devices are approved:\n\nBiometric Associates, LP (BAL) blueARMOR family of headsets (blueARMOR 100, blueARMOR 105, and blueARMOR 200) with firmware version 1.5.x.\n\nCheck Procedures:\n\nFor the BAL headset, the only way to verify the device model number and firmware version is to check the Bluetooth device name of a paired headset. Have the user pair the device to the BlackBerry, if not already paired. On the BlackBerry handheld, go to Options > Networks and Connections > Bluetooth Connections and check the list of paired devices. The device name should be in the form of baiMobileBA100 V1.5.0. The reviewer should check a sample of BlackBerry devices at the site (2-3) and verify compliance.\n\nNote: If the site uses the FIXMO Sentinel Enterprise integrity verification tool, checking BlackBerry handhelds is not required. Have the system administrator show that the Sentinel server is configured to audit paired Bluetooth devices on site managed BlackBerry handhelds.\n",
"description": "Bluetooth usage could provide an attack vector for a hacker to connect to a BlackBerry device without the knowledge of the user. DoD data would then be vulnerable.",
"fixid": "F-29526r1_fix",
"fixtext": "Use only approved Bluetooth headset and handsfree devices. ",
"iacontrols": [
"ECSC-1"
],
"id": "V-26508",
"ruleID": "SV-33354r2_rule",
"severity": "medium",
"title": "Only approved Bluetooth headset and handsfree devices must be used with site managed BlackBerry devices. ",
"version": "WIR1045-01"
}
},
"profiles": {
"MAC-1_Classified": {
"description": "",
"findings": {
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-1_Classified",
"title": "I - Mission Critical Classified"
},
"MAC-1_Public": {
"description": "",
"findings": {
"V-11865": "true",
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-1_Public",
"title": "I - Mission Critical Public"
},
"MAC-1_Sensitive": {
"description": "",
"findings": {
"V-11865": "true",
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-1_Sensitive",
"title": "I - Mission Critical Sensitive"
},
"MAC-2_Classified": {
"description": "",
"findings": {
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-2_Classified",
"title": "II - Mission Support Classified"
},
"MAC-2_Public": {
"description": "",
"findings": {
"V-11865": "true",
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-2_Public",
"title": "II - Mission Support Public"
},
"MAC-2_Sensitive": {
"description": "",
"findings": {
"V-11865": "true",
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-2_Sensitive",
"title": "II - Mission Support Sensitive"
},
"MAC-3_Classified": {
"description": "",
"findings": {
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-3_Classified",
"title": "III - Administrative Classified"
},
"MAC-3_Public": {
"description": "",
"findings": {
"V-11865": "true",
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-3_Public",
"title": "III - Administrative Public"
},
"MAC-3_Sensitive": {
"description": "",
"findings": {
"V-11865": "true",
"V-11866": "true",
"V-11870": "true",
"V-11871": "true",
"V-11872": "true",
"V-11875": "true",
"V-19213": "true",
"V-19227": "true",
"V-19281": "true",
"V-19311": "true",
"V-19312": "true",
"V-19313": "true",
"V-21949": "true",
"V-22058": "true",
"V-26508": "true"
},
"id": "MAC-3_Sensitive",
"title": "III - Administrative Sensitive"
}
},
"slug": "blackberry_os_7.x.x",
"title": "BlackBerry OS 7.x.x Security Technical Implementation Guide",
"version": "2"
}
}