UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Only DoD PKI issued or DoD approved software authentication certificates may be installed on DoD mobile operating system devices.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33169 SRG-OS-000179-MOS-000101 SV-43567r1_rule High
Description
If unauthorized software authentication certificates are installed on the device, then the operating system would not block malware signed by the entity that published these certificates. Such malware could be used to obtain sensitive DoD information or to further breach system security. Eliminating unapproved software authentication certificates greatly mitigates the risk of malware passing authentication controls.
STIG Date
Mobile Operating System Security Requirements Guide 2012-10-01

Details

Check Text ( C-41430r1_chk )
Review the mobile operating system certificate store for the software authentication certificates. In some cases, the certificates may not be visible. In this situation, consult system documentation to determine what certificates are installed on the device. Match the certificates present against a list of approved certificates. Verify there are no unapproved certificates present. If there are unapproved software authentication certificates installed on the device, this is a finding.
Fix Text (F-37069r2_fix)
Remove unapproved software authentication certificates from the device.