UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must prevent non-privileged users from circumventing intrusion detection and prevention capabilities.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33188 SRG-OS-000197-MOS-000106 SV-43586r1_rule High
Description
Intrusion detection and prevention capabilities must be architected and implemented to prevent non-privileged users from circumventing such protections. Ensuring that any security feature is protected against bypass, tampering, or disablement is best met by a mandatory access control mechanism. However, limited protection may also be accomplished through the use of user roles and systems permissions.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41449r1_chk )
Review system documentation, operating system configuration, and other IA information resources to determine if a non-privileged user can circumvent intrusion detection and prevention capabilities. Determine if a non-privileged user can terminate processes for the intrusion detection and prevention functionality. If a non-privileged user can circumvent this functionality, this is a finding.
Fix Text (F-37089r1_fix)
Configure the operating system and its intrusion detection and prevention capabilities so they cannot be circumvented by a non-privileged user.