UCF STIG Viewer Logo

The mobile operating system must notify the user of certificate failures related to digital signatures on software applications or components.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33011 SRG-OS-000085-MOS-000055 SV-43409r2_rule Medium
Description
A certificate failure related to a digital signature on software applications or components is strong evidence of a system breach. Notifying the user of such an occurrence allows the user to notify the user's technical support personnel and IAO, as well as proceed with caution regarding activities performed on the device.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41309r1_chk )
Review the mobile operating system configuration for notification of certificate failures related to digital signatures on software applications or components to the user. If the mobile operating system does not notify the user of certificate failures related to digital signatures on software applications or components, this is a finding.
Fix Text (F-36924r1_fix)
Configure the mobile operating system to notify the user of certificate failures related to digital signatures on software applications or components.