UCF STIG Viewer Logo

Samsung Android (with Knox 2.x) STIG


Overview

Date Finding Count (60)
2015-01-05 CAT I (High): 2 CAT II (Med): 53 CAT III (Low): 5
STIG Description
Developed by Samsung Electronics Co., Ltd. in coordination with DISA for the DoD.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-56037 High The Samsung Knox for Android platform must be configured to enable data-at-rest protection for built-in storage media.
V-56039 High The Samsung Knox for Android platform must be configured to enable data-at-rest protection for removable storage media.
V-56063 Medium The Samsung Knox for Android platform must be configured to disable developer modes.
V-56143 Medium The Samsung Knox for Android container must be configured to implement the management setting: configure application disable list.
V-56103 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable mobile printing.
V-56089 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable Google backup.
V-56047 Medium The Samsung Knox for Android container must be configured to lock the display after 15 minutes (or less) of inactivity.
V-56127 Medium The Samsung Knox for Android platform must be configured to implement the management setting: enable CC mode.
V-56123 Medium The Samsung Knox for Android container must be configured to implement the management setting: enable container.
V-56057 Medium The Samsung Knox for Android platform must be configured to disable USB mass storage mode.
V-56055 Medium The Samsung Knox for Android platform must be configured to enforce an application installation policy through application whitelist specifying a set of allowed applications and versions.
V-56053 Medium The Samsung Knox for Android platform must be configured to enforce an application installation policy by specifying one or more authorized application repositories: enroll in MDM.
V-56051 Medium The Samsung Knox for Android platform must be configured to enforce an application installation policy by specifying one or more authorized application repositories: disable unknown sources.
V-56073 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable Allow New Admin Install.
V-57447 Medium The Samsung Knox for Android container must be configured to implement the management setting. Disable sharing of calendar information outside the container.
V-56077 Medium The Samsung Knox for Android platform must be configured to implement the management setting: configure application disable list.
V-56059 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable USB debugging.
V-56093 Medium The Samsung Knox for Android platform must be configured to implement the management setting. Disable multi-user mode.
V-56091 Medium The Samsung Knox for Android platform must be configured to implement the management setting: configure Knox License.
V-56079 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable Google auto sync.
V-56095 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable public cloud backup apps.
V-56075 Medium The Samsung Knox for Android platform must be configured to implement the management setting: configure application install blacklist.
V-56099 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable S Voice.
V-56109 Medium The Samsung Knox for Android platform must be configured to implement the user-based enforcement setting: disable Samsung Account.
V-56145 Medium The Samsung Knox for Android container must be configured to implement the management setting: disable automatic completion of browser text input.
V-56097 Medium The Samsung Knox for Android platform must be configured to implement the user-based enforcement setting: disable messaging preview notifications in lock screen.
V-56161 Medium The Samsung Knox for Android container must be configured to implement the user-based enforcement setting: disable Samsung Account.
V-56117 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable Manual Date Time Changes.
V-57949 Medium The Samsung Knox for Android platform must be configured to disable firmware updates over-the-air (FOTA).
V-56105 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable NFC.
V-56133 Medium The Samsung Knox for Android container must be configured to enforce an application installation policy through application whitelist specifying a set of allowed applications and versions.
V-56071 Medium The Samsung Knox for Android platform must be configured to implement the management setting. Employ mobile device management services to centrally manage security relevant configuration and policy settings.
V-56107 Medium The Samsung Knox for Android platform must be configured to implement the user-based enforcement setting: disable screen mirroring.
V-56087 Medium The Samsung Knox for Android platform must be configured to implement the management setting. Not allow the device unlock password to contain more than two sequential or repeating characters (e.g., 456, aaa).
V-56081 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable Google crash report.
V-57451 Medium The Samsung Knox for Android container must be configured to implement the management setting. Disable sharing of notification details outside the container.
V-56049 Medium The Samsung Knox for Android platform must be configured to enforce an application installation policy by specifying one or more authorized application repositories: disable Google Play.
V-56101 Medium The Samsung Knox for Android platform must be configured to implement the management setting. Disable mobile payment.
V-56085 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable USB host storage.
V-56159 Medium The Samsung Knox for Android container must be configured to implement the management setting: Account blacklist.
V-56113 Medium The Samsung Knox for Android platform must be configured to disable USB media player.
V-56083 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable Wi-Fi Direct.
V-56111 Medium The Samsung Knox for Android platform must be configured to implement the user-based enforcement setting: disable Nearby devices.
V-56067 Medium The Samsung Knox for Android platform must be configured to implement the management setting: install DoD root and intermediate PKI certificates on the device.
V-56065 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable Insecure VPN Connections.
V-56129 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable all Bluetooth profiles except for HSP (Headset Profile), HFP (Hands-Free Profile), and SPP (Serial Port Profile).
V-56045 Medium The Samsung Knox for Android platform must be configured to lock the display after 15 minutes (or less) of inactivity.
V-56069 Medium The Samsung Knox for Android platform must be configured to implement the management setting: whitelist DoD root and intermediate PKI certificates.
V-56061 Medium The Samsung Knox for Android platform must be configured to implement the management setting: disable mock locations.
V-56135 Medium The Samsung Knox for Android container must be configured to implement the management setting: configure application install blacklist.
V-57449 Medium The Samsung Knox for Android container must be configured to implement the management setting. Disable sharing of contact information outside the container.
V-56137 Medium The Samsung Knox for Android container must be configured to implement the management setting: disable Move Applications to Container.
V-56141 Medium The Samsung Knox for Android container must be configured to implement the management setting: disable Move Files from Personal to Container.
V-56157 Medium The Samsung Knox for Android container must be configured to implement the management setting: Account whitelist.
V-56139 Medium The Samsung Knox for Android container must be configured to implement the management setting: disable Move Files from Container to Personal.
V-56115 Low The Samsung Knox for Android platform must be configured to require the user to manifest consent to the terms of the DoD-specified warning banner each time the user unlocks the device.
V-56121 Low The Samsung Knox for Android container must be configured to prohibit more than 10 consecutive failed authentication attempts.
V-56041 Low The Samsung Knox for Android platform must be configured to enforce a minimum password length of 6 characters.
V-56119 Low The Samsung Knox for Android container must be configured to enforce a minimum password length of 4 characters.
V-56043 Low The Samsung Knox for Android platform must be configured to prohibit more than 10 consecutive failed authentication attempts.