UCF STIG Viewer Logo

The LG Android 5.0 platform must be configured to enable CC Mode.


Overview

Finding ID Version Rule ID IA Controls Severity
V-58841 LGA5-20-002600 SV-73271r1_rule Medium
Description
CC mode implements several security controls required by the Mobile Device Functional Protection Profile (MDFPP). If CC mode is not implemented, DoD data is more at risk of being compromised, and the MD is more at risk of being compromised if lost or stolen. CC mode implements the following controls: 1. Certificate Validation LG provides Certificate validation feature for all certificates to protect your secure connection from spoofing and invalid certificates. This capability can be automatically configured by enabling CC Mode. 2. Firmware Update Protection Except secure update verified by RSA (2048bit) algorithm and SHA256 for hash, unsecured firmware update methods is restricted in CC mode. 3. Self-test for crypto libraries If the CC Mode is enabled, self-tests for crypto libraries are automatically started at bootup time. 4. Restriction of TLS cipher suites Limited cipher suites can be selectable in the CC mode. SFR ID: FMT_SMF.1.1 #42
STIG Date
LG Android 5.x Interim Security Configuration Guide 2015-09-22

Details

Check Text ( C-59687r1_chk )
This validation procedure is performed on the MDM Administration Console only.

Check whether the appropriate setting is configured on the MDM Administration Console:
1. Ask the MDM administrator to display the "CC Mode" setting in the MDM console.
2. Verify the setting for the CC mode is set and the device is enrolled on the MDM.

If the "Set CC Mode" setting is disabled on the MDM console, this is a finding.
Fix Text (F-64225r1_fix)
Configure the mobile device to enable CC Mode.

On the MDM Administration Console, set the "CC Mode".