The operating system must support the requirement that organizations, if an information system component failure is detected, must activate an organization defined alarm and/or automatically shuts down the operating system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33200 | SRG-OS-000207-NA | SV-43599r1_rule | Medium |
| Description |
|---|
| Predictable failure prevention requires organizational planning to address system failure issues. If a subsystem of the operating system, hardware, or the operating system itself, is key to maintaining systems and security fails to function, the system could continue operating in an insecure state. The organization must be prepared for and the operating system must support capability that alarms for such conditions and/or automatically shuts down the operating system or the subsystem of the operating system. Rationale for non-applicability: Resource constraints on mobile devices preclude implementation of all IA functions. The applicability of this control may be reconsidered at a future date if subsequent generations of mobile devices are better able to support this control and the applications and data typically on the device justify its implementation. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-41462r1_chk ) |
|---|
| This requirement is NA for the Mobile OS SRG. |
| Fix Text (F-37102r1_fix) |
|---|
| The requirement is NA. No fix is required. |