STIGQter: STIG Summary: Samsung Android OS 10 with Knox 3.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Mar 2020: STIGQter: STIG Summary: Samsung Android OS 10 with Knox 3.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Mar 2020:SV-109083r1_rule
V-99979
PP-MDF-991000
KNOX-10-011000
CAT II
10
Configure Samsung Android to disallow configuration of the date and time.
Do one of the following:
- Method #1: Restrict user from configuring time.
- Method #2: Require Auto Time.
- Method #3: Disable Date/Time change (KPE).
****
Method #1: Restrict user from configuring time.
On the management tool, in the device restrictions section, set "Config Date Time" to "Disallow".
****
Method #2: Require Auto Time.
On the management tool, in the device restrictions section, set "Set auto (network) time required" to "Required".
****
Method #3: Disable Date/Time change (KPE).
On the management tool, in the device KPE Date Time section, set "Date Time Change" to "Disable".
Note: Each method uses a different API to accomplish the same result. Any of the methods are acceptable.
Review Samsung Android configuration settings to determine if the configuration of the date and time is disallowed.
Confirm if Method #1, #2, or #3 is used at the Samsung device site and follow the appropriate procedure.
This validation procedure is performed on both the management tool Administration Console and the Samsung Android device.
****
Method #1: Restrict user from configuring time.
On the management tool, in the device restrictions section, verify that "Config Date Time" is set to "Disallow".
On the Samsung Android device, do the following:
1. Open Settings >> General management >> Date and time.
2. Verify that "Automatic data and time" is on and the user cannot disable it.
If on the management tool "Config Date Time" is not set to "Disallow", or on the Samsung Android device "Automatic date and time" is not set or the user can disable it, this is a finding.
****
Method #2: Require Auto Time.
On the management tool, in the device restrictions section, verify that "Set auto (network) time required" is set to "Required".
On the Samsung Android device, do the following:
1. Open Settings >> General management >> Date and time.
2. Verify that "Automatic data and time" is on and the user cannot disable it.
If on the management tool "Set auto (network) time required" is not set as "Required", or on the Samsung Android device "Automatic date and time" is not set or the user can disable it, this is a finding.
****
Method #3: Disable Date/Time change (KPE).
On the management tool, in the device KPE Date Time section, verify that "Date Time Change" is set to "Disable".
On the Samsung Android device, do the following:
1. Open Settings >> General management >> Date and time.
2. Verify that "Automatic data and time" is on and the user cannot disable it.
If on the management tool "Date Time Change" is not set to "Disable", or on the Samsung Android device "Automatic date and time" is not set or the user can disable it, this is a finding.
V-99979
False
KNOX-10-011000
Review Samsung Android configuration settings to determine if the configuration of the date and time is disallowed.
Confirm if Method #1, #2, or #3 is used at the Samsung device site and follow the appropriate procedure.
This validation procedure is performed on both the management tool Administration Console and the Samsung Android device.
****
Method #1: Restrict user from configuring time.
On the management tool, in the device restrictions section, verify that "Config Date Time" is set to "Disallow".
On the Samsung Android device, do the following:
1. Open Settings >> General management >> Date and time.
2. Verify that "Automatic data and time" is on and the user cannot disable it.
If on the management tool "Config Date Time" is not set to "Disallow", or on the Samsung Android device "Automatic date and time" is not set or the user can disable it, this is a finding.
****
Method #2: Require Auto Time.
On the management tool, in the device restrictions section, verify that "Set auto (network) time required" is set to "Required".
On the Samsung Android device, do the following:
1. Open Settings >> General management >> Date and time.
2. Verify that "Automatic data and time" is on and the user cannot disable it.
If on the management tool "Set auto (network) time required" is not set as "Required", or on the Samsung Android device "Automatic date and time" is not set or the user can disable it, this is a finding.
****
Method #3: Disable Date/Time change (KPE).
On the management tool, in the device KPE Date Time section, verify that "Date Time Change" is set to "Disable".
On the Samsung Android device, do the following:
1. Open Settings >> General management >> Date and time.
2. Verify that "Automatic data and time" is on and the user cannot disable it.
If on the management tool "Date Time Change" is not set to "Disable", or on the Samsung Android device "Automatic date and time" is not set or the user can disable it, this is a finding.
M
3613