UCF STIG Viewer Logo

The mobile operating system must conduct a device integrity scan at least once every six hours.


Overview

Finding ID Version Rule ID IA Controls Severity
KNOX-05-001800 KNOX-05-001800 KNOX-05-001800_rule Low
Description
Unauthorized changes to the operating system software or information on the system can possibly result in integrity or availability concerns. In order to quickly react to this situation, the operating system must detect these changes. One aspect of detection is the frequency at which the scans occur. The ability to set an appropriate frequency mitigates the risk that an attack will go without detection longer than the scanning interval.
STIG Date
Samsung Knox Android 1.0 STIG 2013-05-03

Details

Check Text ( C-KNOX-05-001800_chk )
This check procedure is performed on both the MDM Administration Console and the Samsung Knox Android device. In some cases, there will be integrity services software that runs independently from the MDM.

Check that the appropriate setting is configured on the MDM or integrity services server.

For example, on the Fixmo Sentinel Administration Console:
1. Ask the MDM administrator to display the "Scan Freq" setting in the "Android Communication Frequency" rule.
2. Verify the value of the setting is 6 or less.

On the Samsung Knox Android device, open the application list and verify the presence of an integrity services agent. For example, if the integrity services agent is Fixmo Sentinel:
1. Open the Fixmo Sentinel MDM agent.
2. Press the menu button and select Details.
3. Verify the configured value for "Scan Freq" is 6 or less.

If the configured value for "Scan Freq" is greater than 6 on either the MDM console or in the integrity services agent, this is a finding.
Fix Text (F-KNOX-05-001800_fix)
Configure the mobile operating system so that the device integrity validation scan frequency is at least once every six hours.

For example, on the Fixmo Sentinel Administration Console, set the "Scan Freq" value to 6 in the "Android Communication Frequency" rule.