UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must notify mobile device management services of certificate failures related to digital signatures on software applications or components.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33010 SRG-OS-000084-MOS-000054 SV-43408r1_rule Medium
Description
A certificate failure related to a digital signature on software applications or components is strong evidence of a system breach. Notifying mobile device management services of such an occurrence allows the enterprise to assess the situation, contain the breach if one exists, and possibly invoke incident response procedures.
STIG Date
Mobile Operating System Security Requirements Guide 2013-04-12

Details

Check Text ( C-41308r1_chk )
Review the mobile operating system configuration for notification of certificate failures related to digital signatures on software applications or components to mobile device management services. If the mobile operating system does not notify the mobile device management services of certificate failures related to digital signatures on software applications or components, this is a finding.
Fix Text (F-36923r1_fix)
Configure the mobile operating system to notify mobile device management services of certificate failures related to digital signatures on software applications or components.