STIGQter STIGQter: STIG Summary: Samsung Android OS 7 with Knox 2.x Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 25 Oct 2019: The Samsung Android 7 with Knox must be configured to disable multi-user modes.

DISA Rule

SV-91265r1_rule

Vulnerability Number

V-76569

Group Title

PP-MDF-301280

Rule Version

KNOX-07-006100

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Samsung Android 7 with Knox to disable multi-user modes.

On the MDM console, deselect the "Allow multi-user mode" setting in the "Android MultiUser" rule.

Note: This requirement is only applicable for tablet devices.

Check Contents

Review documentation on the Samsung Android 7 with Knox and inspect the configuration on the Samsung Android 7 with Knox to disable multi-user modes.
Note: This requirement is only applicable for tablet devices.

This validation procedure is performed on both the Samsung Android 7 with Knox device.

On the MDM console, do the following:
1. Ask the MDM administrator to display the "Allow multi-user mode" checkbox in the "Android Restrictions" rule.
2. Verify the checkbox is not selected.

On the Samsung Android 7 with Knox device, do the following:
1. Open the device settings.
2. Attempt to add a user in the "User" setting.
3. Verify that the "User" setting is not available.

If the MDM console "Allow multi-user mode" checkbox is selected or on the Samsung Android 7 with Knox device, the user is able to add a user, this is a finding.

Vulnerability Number

V-76569

Documentable

False

Rule Version

KNOX-07-006100

Severity Override Guidance

Review documentation on the Samsung Android 7 with Knox and inspect the configuration on the Samsung Android 7 with Knox to disable multi-user modes.
Note: This requirement is only applicable for tablet devices.

This validation procedure is performed on both the Samsung Android 7 with Knox device.

On the MDM console, do the following:
1. Ask the MDM administrator to display the "Allow multi-user mode" checkbox in the "Android Restrictions" rule.
2. Verify the checkbox is not selected.

On the Samsung Android 7 with Knox device, do the following:
1. Open the device settings.
2. Attempt to add a user in the "User" setting.
3. Verify that the "User" setting is not available.

If the MDM console "Allow multi-user mode" checkbox is selected or on the Samsung Android 7 with Knox device, the user is able to add a user, this is a finding.

Check Content Reference

M

Target Key

3253

Comments