STIGQter STIGQter: STIG Summary: Samsung Android (with Knox 2.x) STIG Version: 1 Release: 4 Benchmark Date: 22 Apr 2016: The Samsung Knox for Android platform must be configured to enforce an application installation policy by specifying one or more authorized application repositories: disable unknown sources.

DISA Rule

SV-70305r1_rule

Vulnerability Number

V-56051

Group Title

PP-MDF-001004

Rule Version

KNOX-35-009010

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the mobile operating system to disable application installations from unknown sources.

On the MDM Administration Console, disable "Allow Unknown Sources" in the "Android Restrictions" rule.

Check Contents

Configuring an application installation policy on Samsung Knox for Android by specifying an application repository involves three steps: (1) Disabling Google Play, (2) Disabling unknown application sources, and (3) Enrolling in MDM (which designates the repository). This validation procedure covers the second of these steps. It is performed on both the MDM Administration Console and the Samsung Knox for Android device.

On the MDM Administration Console:
1. Ask the MDM administrator to display the "Allow Unknown Sources" settings in the "Android Restrictions" rule.
2. Verify it is disabled.

On the Samsung Knox for Android device:
1. Open the device settings.
2. Select "Security".
3. Attempt to enable "Unknown sources".
4. Verify it cannot be enabled.

If the "Enable Google Play" setting is not disabled, or if a user can successfully enable "Unknown sources" on the device, this is a finding.

Vulnerability Number

V-56051

Documentable

False

Rule Version

KNOX-35-009010

Severity Override Guidance

Configuring an application installation policy on Samsung Knox for Android by specifying an application repository involves three steps: (1) Disabling Google Play, (2) Disabling unknown application sources, and (3) Enrolling in MDM (which designates the repository). This validation procedure covers the second of these steps. It is performed on both the MDM Administration Console and the Samsung Knox for Android device.

On the MDM Administration Console:
1. Ask the MDM administrator to display the "Allow Unknown Sources" settings in the "Android Restrictions" rule.
2. Verify it is disabled.

On the Samsung Knox for Android device:
1. Open the device settings.
2. Select "Security".
3. Attempt to enable "Unknown sources".
4. Verify it cannot be enabled.

If the "Enable Google Play" setting is not disabled, or if a user can successfully enable "Unknown sources" on the device, this is a finding.

Check Content Reference

M

Target Key

2699

Comments