The mobile operating system must conduct a device integrity scan at least once every six hours.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33194	SRG-OS-000202-MOS-000110	SV-43592r1_rule		Low

Description
Unauthorized changes to the operating system software or information on the system can possibly result in integrity or availability concerns. In order to quickly react to this situation, the operating system must detect these changes. One aspect of detection is the frequency at which the scans occur. The ability to set an appropriate frequency mitigates the risk that an attack will go without detection longer than the scanning interval.

Description

Unauthorized changes to the operating system software or information on the system can possibly result in integrity or availability concerns. In order to quickly react to this situation, the operating system must detect these changes. One aspect of detection is the frequency at which the scans occur. The ability to set an appropriate frequency mitigates the risk that an attack will go without detection longer than the scanning interval.

STIG	Date
Mobile Operating System Security Requirements Guide	2012-10-01

Details

Check Text ( C-41455r1_chk )
Review the operating system and MDM agent software settings to verify the device integrity validation scan frequency is at least once every six hours. If it is not, this is a finding.

Fix Text (F-37095r1_fix)
Configure the mobile operating system to scan the device at least once every six hours.