UCF STIG Viewer Logo

The operating system at organization defined information system components must load and execute organization defined applications from hardware-enforced, read-only media.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33782 SRG-OS-000188-NA SV-44207r1_rule Medium
Description
Use of non-modifiable storage ensures the integrity of the software program from the point of creation of the read-only image. Organizations may require the information system to load specified applications from hardware-enforced read-only media. Hardware-enforced, read-only media includes CD-R/DVD-R disk drives. Rationale for non-applicability: Mobile OS devices must be flash upgradable in order to implement patches to vulnerabilities. The small form factor of a mobile device does not easily allow for multiple forms of storage. Therefore, the persistent memory on a mobile device must be writeable and cannot support this requirement.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41839r1_chk )
This requirement is NA for the Mobile OS SRG.
Fix Text (F-37075r2_fix)
The requirement is NA. No fix is required.