Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-33251 | SRG-OS-000240-NA | SV-43669r1_rule | Medium |
Description |
---|
Once an attacker establishes initial access to a system, they often attempt to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply modify an existing account. Rationale for non-applicability: For the purposes of this SRG, a mobile operating system is assumed to support a single human-accessible user account. Traditional auditing of account management functions is not required in this context. |
STIG | Date |
---|---|
Mobile Operating System Security Requirements Guide | 2012-10-01 |
Check Text ( C-41547r1_chk ) |
---|
This requirement is NA for the Mobile OS SRG. |
Fix Text (F-37181r1_fix) |
---|
The requirement is NA. No fix is required. |