STIGQter: STIG Summary: Motorola Android 9.x COBO Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 14 Oct 2020:

Motorola Android Pie must have the DoD root and intermediate PKI certificates installed.

DISA Rule

SV-230132r569707_rule

Vulnerability Number

V-230132

Group Title

GOOG-09-009000

Rule Version

MOTO-09-009000

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure Motorola Android Pie to install DoD root and intermediate certificates.

On the MDM console, upload DoD root and intermediate certificates as part of a device and/or work profile.

The current DoD root and intermediate PKI certificates may be obtained in self-extracting zip files at http://cyber.mil/pki-pke (for NIPRNet).

Check Contents

Review device configuration settings to confirm that the DoD root and intermediate PKI certificates are installed.

This procedure is performed on both the MDM Administration console and the Motorola Android Pie device.

The current DoD root and intermediate PKI certificates may be obtained in self-extracting zip files at http://cyber.mil/pki-pke (for NIPRNet).

On the MDM console, verify that the DoD root and intermediate certificates are part of a device and/or work profile that is being pushed down to the devices.

On the Android Pie device:
1. Open Settings.
2. Tap "Security & Location".
3. Tap on "Advanced".
4. Tap on "Encryption & credentials".
5. Tap on "Trusted credentials".
6. Verify that DoD root and intermediate PKI certificates are listed under the user tab.

If on the MDM console the DoD root and intermediate certificates are not listed in a profile, or the Motorola Android Pie device does not list the DoD root and intermediate certificates under the user tab, this is a finding.

Vulnerability Number

V-230132

Documentable

False

Rule Version

MOTO-09-009000

Severity Override Guidance

Review device configuration settings to confirm that the DoD root and intermediate PKI certificates are installed.

This procedure is performed on both the MDM Administration console and the Motorola Android Pie device.

The current DoD root and intermediate PKI certificates may be obtained in self-extracting zip files at http://cyber.mil/pki-pke (for NIPRNet).

On the MDM console, verify that the DoD root and intermediate certificates are part of a device and/or work profile that is being pushed down to the devices.

On the Android Pie device:
1. Open Settings.
2. Tap "Security & Location".
3. Tap on "Advanced".
4. Tap on "Encryption & credentials".
5. Tap on "Trusted credentials".
6. Verify that DoD root and intermediate PKI certificates are listed under the user tab.

If on the MDM console the DoD root and intermediate certificates are not listed in a profile, or the Motorola Android Pie device does not list the DoD root and intermediate certificates under the user tab, this is a finding.

Check Content Reference

M

Target Key

5234

Comments