The mobile operating system must not permit a user to disable or modify the security policy or enforcement mechanisms on the device.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33292	SRG-OS-999999-MOS-000135	SV-43711r1_rule		High

Description
The integrity of the security policy and enforcement mechanisms is critical to the IA posture of the operating system. If a user can modify a device's security policy or enforcement mechanisms, then a wide range of subsequent attacks are possible, including unauthorized access to information and networks. Access controls that prevent a user from making modifications, such as these, mitigate the risk of operating system compromise.

Description

The integrity of the security policy and enforcement mechanisms is critical to the IA posture of the operating system. If a user can modify a device's security policy or enforcement mechanisms, then a wide range of subsequent attacks are possible, including unauthorized access to information and networks. Access controls that prevent a user from making modifications, such as these, mitigate the risk of operating system compromise.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41589r1_chk )
Review the mobile operating system configuration for prohibiting the user from modifying the security policy and related enforcement mechanisms. If the mobile operating system allows the user to modify the security policy and related enforcement mechanisms on the mobile device, this is a finding.

Fix Text (F-37222r1_fix)
Configure the operating system to prohibit a user from disabling or modifying the security policy or enforcement mechanisms on the device.