UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must employ automated mechanisms to restrict the use of maintenance tools to authorized personnel only.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33104 SRG-OS-000124-NA SV-43502r1_rule Medium
Description
The intent of this control is to address the security-related issues arising from the software brought into the operating system specifically for diagnostic and repair actions (e.g., a software packet sniffer introduced for the purpose of a particular maintenance activity). Rationale for non-applicability: A mobile operating system typically does not have local audit or maintenance tools. The IA control corresponding to CCI-001803 addresses restricting users from performing system management functions. In many cases, diagnostic tools on mobile devices are accessible to anyone in possession of the device.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41363r1_chk )
This requirement is NA for the Mobile OS SRG.
Fix Text (F-37004r1_fix)
The requirement is NA. No fix is required.