Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-33177 | SRG-OS-000185-NA | SV-43575r1_rule | Medium |
Description |
---|
This control is intended to address the confidentiality and integrity of information at rest in non-mobile devices and covers user information and system information. Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive, tape drive). The operating system must ensure the data being written to these devices is protected. In most cases, this is done via encryption. Rationale for non-applicability: This vulnerability is better addressed by CCI-001200, which includes cryptographic mechanisms to protect confidential and integrity of data at rest. |
STIG | Date |
---|---|
Mobile Operating System Security Requirements Guide | 2013-04-12 |
Check Text ( C-41438r1_chk ) |
---|
This requirement is NA for the Mobile OS SRG. |
Fix Text (F-37078r1_fix) |
---|
The requirement is NA. No fix is required. |