UCF STIG Viewer Logo

The mobile operating system must detect the addition of unauthorized hardware components and peripherals at start up and when they are attached.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33061 SRG-OS-000098-MOS-000064 SV-43459r1_rule Medium
Description
Unauthorized hardware components and peripherals include memory cards, SIM cards, and USB attachments. If the user or an adversary is able to add or attach unauthorized components to a device, then those components may be used to compromise other components or perform prohibited functions. The addition of the unauthorized component may also cause the system to behave in unintended ways, perhaps degrading the performance of mission-critical applications. Detecting the addition of unauthorized components allows for roll-back to the previous state.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41330r1_chk )
Inspect the mobile operating system configuration to detect the addition of unauthorized hardware components and peripherals at start up and when they are attached. If the mobile operating system does not detect unauthorized hardware components or peripherals, this is a finding.
Fix Text (F-36961r1_fix)
Remove unauthorized components and configure the mobile operating system to detect the addition of unauthorized hardware components and peripherals at start up and when they are attached.