| V-48349 | Medium | Samsung Knox Android must allow only the administrator/MDM to enable/disable USB mass storage mode. | Users must not be able to override the system policy on enabling/disabling USB mass storage mode. Enabling USB mass storage mode could allow sensitive DoD data to be copied to USB storage devices,... |
| V-48279 | Medium | The Samsung Knox Android VPN client must use either IPSec or SSL/TLS when connecting to DoD networks. | Use of non-standard communications protocols can affect both the availability and confidentiality of communications. IPSec and SSL/TLS are both well-known and tested protocols that provide strong... |
| V-48253 | Medium | The container must be enabled by the administrator/MDM. | The container must be enabled by the administrator/MDM or the container's protections will not apply to the mobile device. This will cause the mobile device's apps and data to be at significantly... |
| V-48251 | Medium | The administrator/MDM must enable CC mode. | CC mode implements several security controls required by the Mobile Device Functional Protection Profile (MDFPP). If CC mode is not implemented, DoD data is more at risk of being compromised and... |
| V-48255 | Medium | The mobile device operating system must have access to DoD root and intermediate PKI certificates when performing DoD PKI-related transactions. | DoD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services. If the root and intermediate certificates are not available, an... |
| V-49687 | Medium | Samsung Knox Android must lock the container after 15 minutes of inactivity. | Having a session lock after an idle time helps protect the device from unauthorized access. The idle time is a window of opportunity for adversaries who gain physical access to the mobile device... |
| V-49685 | Medium | The administrator/MDM must configure the application installation policy by specifying authorized application repositories (Enroll in MDM). | Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing... |
| V-49683 | Medium | The administrator/MDM must configure the application installation policy by specifying authorized application repositories (Disable unknown sources). | Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing... |
| V-49681 | Medium | Samsung Knox Android must protect data-at-rest on removable storage media. | The operating system must ensure the data being written to the mobile device's storage media is protected from unauthorized access. If data at rest is unencrypted, it is vulnerable to disclosure.... |
| V-48343 | Medium | Samsung Knox Android must allow only the administrator/MDM to enable/disable developer modes. | Developer modes circumvent certain security measures, so their use for standard operation is not recommended. Developer modes may increase the likelihood of compromise of confidentiality,... |
| V-48333 | Medium | The administrator/MDM must configure an application whitelist, listing authorized applications and versions. | Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to... |
| V-48263 | Medium | Samsung Knox Android must allow only the administrator/MDM to set the screen lock timeout for the container password. | Users must not be able to override the system policy on the screen lock timeout because this could allow them to effectively disable the timeout (e.g., by setting the timeout to 0 minutes) or to... |
| V-48261 | Medium | Only DoD PKI issued or DoD approved server authentication certificates must be installed on DoD Samsung Knox Android devices. | If unauthorized device authentication certificates are installed on the device, there is the potential that the device may connect to a rogue device or network. Rogue devices can mimic the... |
| V-48289 | Medium | Samsung Knox Android must prevent a user from using a browser outside the container that does not direct its traffic to a DoD proxy server. | Proxy servers can inspect traffic for malware and other signs of a security attack. Allowing a mobile device to access the public Internet without proxy server inspection forgoes the protection... |
| V-48265 | Medium | The Samsung Knox Android Bluetooth module must not permit any data transfer between devices prior to Bluetooth mutual authentication. | Bluetooth mutual authentication provides assurance that both the mobile device and Bluetooth peripheral are legitimate. If the authentication does not occur immediately before permitting a network... |
| V-48249 | Medium | Samsung Knox Android must protect data-at-rest on built-in storage media. | The operating system must ensure the data being written to the mobile device's storage media is protected from unauthorized access. If data at rest is unencrypted, it is vulnerable to disclosure.... |
| V-48345 | Medium | Samsung Knox Android must allow only the administrator/MDM to enable/disable data-at-rest protection. | Users must not be able to override the system policy on data-at-rest protection. The operating system must ensure the data being written to the mobile device's built-in storage media is protected... |
| V-48337 | Medium | The administrator/MDM must configure the application installation policy by specifying authorized application repositories (Disable Google Play). | Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing... |
| V-48319 | Medium | Samsung Knox Android must lock the device screen after a time period of inactivity. | Having a session lock after an idle time helps protect the device from unauthorized access. The idle time is a window of opportunity for adversaries who gain physical access to the mobile device... |
| V-48247 | Medium | The administrator/MDM must disable all Bluetooth profiles except for HSP (Headset Profile), HFP (Hands-Free Profile) and SPP (Serial Port Profile). | Unsecure Bluetooth profiles may allow either unauthenticated connections to mobile devices or transfer of sensitive DoD data without required DoD information assurance (IA) controls. Only the HSP,... |
| V-48347 | Medium | Samsung Knox Android must allow only the administrator/MDM to enable/disable data-at-rest protection for removable media. | Users must not be able to override the system policy on data-at-rest protection for removable media. The operating system must ensure the data being written to the mobile device's removable media... |
| V-48313 | Medium | Samsung Knox Android must employ mobile device management services to centrally manage security relevant configuration and policy settings. | Security related parameters are those parameters impacting the security state of the system and include parameters related to the implementation of other IA controls. If these controls are not... |
| V-48339 | Medium | Samsung Knox Android must allow only the administrator/MDM to configure application installation policy by specifying a set of allowed applications and versions (an application whitelist). | Users must not be able to override the system policy on specifying an application whitelist because this could allow them to list unauthorized applications as part of the whitelist. This could... |
| V-48269 | Medium | Samsung Knox Android must authenticate devices before establishing remote network (e.g., VPN) connections using bidirectional cryptographically based authentication between devices. | Without strong mutual authentication a mobile device may connect to an unauthorized network. In many cases, the user may falsely believe that the device is connected to an authorized network and... |
| V-48335 | Medium | Samsung Knox Android must allow only the administrator/MDM to configure application installation policy by specifying authorized application repositories. | Users must not be able to override the system policy on specifying authorized application repositories because this could allow them to list unauthorized sites as part of the "authorized" list.... |
| V-48341 | Medium | Samsung Knox Android must allow only the administrator/MDM to enable/disable wireless remote access connections (except for personal hotspot service), and tethered connections. | Users must not be able to override the system policy on wireless remote access connections because this could allow them to establish unauthorized remote access connections. The mobile device... |
| V-48293 | Medium | The administrator/MDM must disable USB debugging. | USB debugging mode provides access to developer mode features. Developer modes circumvent certain security measures, so their use for standard operation is not recommended. Developer modes may... |
| V-48275 | Medium | Samsung Knox Android must prevent a user from using a browser in the container that does not direct its traffic to a DoD proxy server. | Proxy servers can inspect traffic for malware and other signs of a security attack. Allowing a mobile device to access the public Internet without proxy server inspection forgoes the protection... |
| V-48321 | Medium | The administrator/MDM must disable USB mass storage mode. | This data transfer capability could allow users to transfer sensitive DoD data onto unauthorized USB storage devices, thus leading to the compromise of this DoD data.
SFR ID: FMT_SMF.1.1 #42 |
| V-48305 | Medium | Samsung Knox Android must allow only the administrator/MDM to disable the screen lock function. | Users must not be able to override the system policy on the screen lock function because this could allow them to disable the function, preventing automatic screen locking from occurring. This... |
| V-48307 | Medium | Samsung Knox Android must allow only the administrator/MDM to set the screen lock timeout. | Users must not be able to override the system policy on the screen lock timeout because this could allow them to effectively disable the timeout (e.g., by setting the timeout to 0 minutes) or to... |
| V-48283 | Medium | The Samsung Knox Android Bluetooth stack must use 128-bit Bluetooth encryption when performing data communications with other Bluetooth devices. | If data traffic is sent unencrypted, an adversary may be able to read it to obtain sensitive information. 128-bit Bluetooth encryption for data communications mitigates the risk of unauthorized... |
| V-48291 | Medium | Samsung Knox Android must authenticate tethered connections to the device. | Authentication may occur either by reentry of the device unlock passcode at the time of connection, through another passcode with the same or stronger complexity, or through PKI certificates.... |
| V-48257 | Low | The administrator/MDM must set the maximum number of consecutive failed container authentication attempts to 10 or less. | Users must not be able to override the system policy on the maximum number of consecutive failed authentication attempts because this could allow them to raise the maximum, thus giving adversaries... |
| V-48271 | Low | Samsung Knox Android must allow only the administrator/MDM to enforce a minimum password length for the container password. | Users must not be able to override the system policy on minimum password length because this could allow them to set passwords that are easily guessable or crackable. Only administrators and the... |
| V-48277 | Low | Samsung Knox Android must synchronize the internal clock on an organization-defined periodic basis with an authoritative time server or the Global Positioning System. | Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysis and investigating system events.
Periodically synchronizing... |
| V-48285 | Low | The administrator/MDM must configure the mobile operating system to display the DoD-standard consent banner. | The operating system is required to display the DoD approved system use notification message or banner before granting access to the system that provides privacy and security notices consistent... |
| V-48287 | Low | The administrator/MDM must disable mock locations. | Developers often use mock locations in the development of apps that leverage location-based services. Developer modes circumvent certain security measures, so their use for standard operation is... |
| V-48281 | Low | Before establishing a user session, Samsung Knox Android must display an administrator/MDM-specified advisory notice and consent warning banner regarding use of Samsung Knox Android. | The operating system is required to display the DoD approved system use notification message or banner before granting access to the system that provides privacy and security notices consistent... |
| V-48267 | Low | The administrator/MDM must enforce a minimum password length of 6 characters for the container password. | Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. The ability to crack a password is a function of how many attempts an adversary is... |
| V-48273 | Low | Samsung Knox Android must be able to filter both inbound and outbound traffic based on IP address and UDP/TCP port. | Open ports provide an attack surface that an adversary can then potentially use to breach system security. If an adversary can communicate with the mobile device from any IP address, then the... |
| V-48297 | Low | Samsung Knox Android must wipe all protected data from the device after 10 consecutive unsuccessful attempts to unlock the device. | Any time an authentication method is exposed to allow for the utilization of an operating system, there is a risk that attempts will be made to obtain unauthorized access. Mobile devices present... |
| V-48311 | Low | The administrator/MDM must enforce a minimum device unlock password length of 6 characters. | Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. The ability to crack a password is a function of how many attempts an adversary is... |
| V-48317 | Low | The administrator/MDM must set the maximum number of consecutive failed authentication attempts for the device unlock password to 10 or less. | Users must not be able to override the system policy on the maximum number of consecutive failed authentication attempts because this could allow them to raise the maximum, thus giving adversaries... |
| V-48309 | Low | Samsung Knox Android must allow only the administrator/MDM to set the maximum number of consecutive failed authentication attempts. | Users must not be able to override the system policy on the maximum number of consecutive failed authentication attempts because this could allow them to raise the maximum, thus giving adversaries... |
| V-48299 | Low | Samsung Knox Android must allow only the administrator/MDM to enforce a minimum password length. | Users must not be able to override the system policy on minimum password length because this could allow them to set passwords that are easily guessable or crackable. Only administrators and the... |
| V-48301 | Low | Samsung Knox Android must allow only the administrator/MDM to enforce a minimum password complexity. | Users must not be able to override the system policy on minimum password complexity because this could allow them to set passwords that are easily guessable or crackable. Only administrators and... |
