STIGQter STIGQter: STIG Summary: Samsung Android OS 7 with Knox 2.x Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 25 Oct 2019: The Samsung Android 7 with Knox must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store]. Disable unknown sources.

DISA Rule

SV-91221r1_rule

Vulnerability Number

V-76525

Group Title

PP-MDF-301080

Rule Version

KNOX-07-001200

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Samsung Android 7 with Knox to disable unauthorized application repositories.

On the MDM console, deselect the "Allow Install Non Market App" checkbox in the "Android Restrictions" rule.

Note: Some MDM consoles may refer to "Unknown Sources" instead of "Non Market App".

Check Contents

Configuring an application installation policy on Samsung Android 7 with Knox by specifying an application repository involves two steps: (1) Disabling Google Play, (2) Disabling unknown application sources. This validation procedure covers the second of these steps.

Review Samsung Android 7 with Knox configuration settings to determine if the mobile device has only approved application repositories (DoD-approved commercial app repository, MDM server, and/or mobile application store).

This validation procedure is performed on both the MDM Administration Console and the Samsung Android 7 with Knox device.

On the MDM console, do the following:
1. Ask the MDM administrator to display the "Allow Install Non Market App" checkbox in the "Android Restrictions" rule.
2. Verify the checkbox is not selected.

On the Samsung Android 7 with Knox device, do the following:
1. Open the device settings.
2. Select "Lock screen and security".
3. Attempt to enable "Unknown sources".
4. Verify it cannot be enabled.

If the MDM console "Allow Install Non Market App" checkbox is selected or on the Samsung Android 7 with Knox device, the user can successfully enable "Unknown sources", this is a finding.

Vulnerability Number

V-76525

Documentable

False

Rule Version

KNOX-07-001200

Severity Override Guidance

Configuring an application installation policy on Samsung Android 7 with Knox by specifying an application repository involves two steps: (1) Disabling Google Play, (2) Disabling unknown application sources. This validation procedure covers the second of these steps.

Review Samsung Android 7 with Knox configuration settings to determine if the mobile device has only approved application repositories (DoD-approved commercial app repository, MDM server, and/or mobile application store).

This validation procedure is performed on both the MDM Administration Console and the Samsung Android 7 with Knox device.

On the MDM console, do the following:
1. Ask the MDM administrator to display the "Allow Install Non Market App" checkbox in the "Android Restrictions" rule.
2. Verify the checkbox is not selected.

On the Samsung Android 7 with Knox device, do the following:
1. Open the device settings.
2. Select "Lock screen and security".
3. Attempt to enable "Unknown sources".
4. Verify it cannot be enabled.

If the MDM console "Allow Install Non Market App" checkbox is selected or on the Samsung Android 7 with Knox device, the user can successfully enable "Unknown sources", this is a finding.

Check Content Reference

M

Target Key

3253

Comments