The operating system must employ cryptographic mechanisms to protect the integrity and confidentiality of non-local maintenance and diagnostic communications.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33109	SRG-OS-000129-NA	SV-43507r1_rule		Medium

Description
Non-local maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the Internet) or an internal network. To protect the integrity and confidentiality of non-local maintenance and diagnostics, all packets associated with these sessions must be encrypted. Rationale for non-applicability: For the purposes of this SRG, a mobile operating system is assumed to support a single human-accessible user account. "Maintenance" is typically automated and is not associated with a human user account.

Description

Non-local maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the Internet) or an internal network. To protect the integrity and confidentiality of non-local maintenance and diagnostics, all packets associated with these sessions must be encrypted. Rationale for non-applicability: For the purposes of this SRG, a mobile operating system is assumed to support a single human-accessible user account. "Maintenance" is typically automated and is not associated with a human user account.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41368r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-37009r1_fix)
The requirement is NA. No fix is required.