Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The mobile operating system must not permit a user to disable or modify the security policy or enforcement mechanisms on the device.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33292 | SRG-OS-999999-MOS-000135 | SV-43711r1_rule | High |
| Description |
|---|
| The integrity of the security policy and enforcement mechanisms is critical to the IA posture of the operating system. If a user can modify a device's security policy or enforcement mechanisms, then a wide range of subsequent attacks are possible, including unauthorized access to information and networks. Access controls that prevent a user from making modifications, such as these, mitigate the risk of operating system compromise. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2012-10-01 |
Details
| Check Text ( C-41589r1_chk ) |
|---|
| Review the mobile operating system configuration for prohibiting the user from modifying the security policy and related enforcement mechanisms. If the mobile operating system allows the user to modify the security policy and related enforcement mechanisms on the mobile device, this is a finding. |
| Fix Text (F-37222r1_fix) |
|---|
| Configure the operating system to prohibit a user from disabling or modifying the security policy or enforcement mechanisms on the device. |