UCF STIG Viewer Logo

The mobile operating system must retain the notification message or banner on the screen preventing further activity until the user executes a positive action to manifest agreement by selecting a box indicating acceptance.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32935 SRG-OS-000024-MOS-000005 SV-43333r1_rule Low
Description
To establish acceptance of system usage policy, a click-through banner at startup device unlock is required. The banner must prevent further activity on the application unless and until the user executes a positive action to manifest agreement by clicking the indicated acceptance. By preventing access to the system until the user accepts the conditions, legal requirements are met to protect the DoD and to remind users the device is designed and implemented for business use.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41241r1_chk )
Examine the mobile operating system configuration for preventing further activity on the mobile device until the user executes a positive action to manifest agreement by selecting a box indicating acceptance. If the startup unlock process does not explicitly require the user manifest agreement by selecting a box indicating acceptance, this is a finding.
Fix Text (F-36851r1_fix)
Modify the startup unlock process to require the banner text remain on the screen and prevent further activity until the user executes a positive action to manifest agreement by selecting a box indicating acceptance.