Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-70125 | MSWM-10-910502 | SV-84747r1_rule | Medium |
Description |
---|
Bluetooth usage could provide an attack vector for a hacker to connect to a mobile OS device without the knowledge of the user. Disabling Discoverable mode reduces the risk of a non-authorized Bluetooth device connecting the DoD mobile OS device. SFR ID: FMT_SMF_EXT.1.1 #20a |
STIG | Date |
---|---|
Microsoft Windows 10 Mobile Security Technical Implementation Guide | 2016-09-26 |
Check Text ( C-70601r1_chk ) |
---|
Review MDM configuration settings to determine if the required Bluetooth discoverability mode is being disabled. This validation procedure is performed only on the MDM administration console. On the MDM administration console: Ask the MDM administrator to verify the "allow Bluetooth device to be discoverable" security policy was set to be disallowed for Windows 10 Mobile devices. If the MDM is not configured to restrict the "allow Bluetooth device to be discoverable", this is a finding. |
Fix Text (F-76361r1_fix) |
---|
Configure the MDM system with a security policy that restricts the "allow Bluetooth device to be discoverable" capability to be disabled for Windows 10 Mobile devices. Deploy the MDM policy to managed devices. |