The IDPS must be configured to disable functionality that provides the capability for automatic execution of code on mobile devices without user direction.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000073-IDPS-NA | SRG-NET-000073-IDPS-NA | SRG-NET-000073-IDPS-NA_rule | Low |
| Description |
|---|
| Auto execution vulnerabilities can result in malicious programs being executed that can be used to cause a denial of service on the device and hence disrupt network services. Examples of information system functionality that provide the capability for automatic execution of code are Auto Run and AutoPlay. Disabling applications on mobile devices is outside the scope of both the IDS and the IPS. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43138_chk ) |
|---|
| This requirement does not apply to IDPS. |
| Fix Text (F-43138_fix) |
|---|
| Not applicable for IDPS. No fix required. |