STIGQter STIGQter: STIG Summary: Samsung Android OS 7 with Knox 2.x Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 25 Oct 2019: The Samsung Android 7 with Knox must implement the management setting: Disable S Voice.

DISA Rule

SV-91279r1_rule

Vulnerability Number

V-76583

Group Title

PP-MDF-991000

Rule Version

KNOX-07-012700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Samsung Android 7 with Knox to disable S Voice.

On the MDM console, deselect the "Allow S Voice" checkbox in the "Android Restrictions" rule.

Check Contents

Note, this requirement is Not Applicable if the AO has approved unmanaged personal space/container (COPE use case). The site must have an AO signed document showing the AO has assumed the risk for using an unmanaged personal container.

Review Samsung Android 7 with Knox configuration settings to determine if the mobile device is configured to disable S Voice.

This validation procedure is performed on both the MDM Administration Console and the Samsung Android 7 with Knox device.

On the MDM console, do the following:
1. Ask the MDM administrator to display the "Allow S Voice" checkbox in the "Android Restrictions" rule.
2. Verify the checkbox is not selected.

On the Samsung Android 7 with Knox device, do the following:
1. Open the device settings.
2. Select "Applications".
3. Verify the S Voice application cannot be selected.

If the MDM console "Allow S Voice" checkbox is selected or on the Samsung Android 7 with Knox device, the S Voice application can be launched, this is a finding.

Vulnerability Number

V-76583

Documentable

False

Rule Version

KNOX-07-012700

Severity Override Guidance

Note, this requirement is Not Applicable if the AO has approved unmanaged personal space/container (COPE use case). The site must have an AO signed document showing the AO has assumed the risk for using an unmanaged personal container.

Review Samsung Android 7 with Knox configuration settings to determine if the mobile device is configured to disable S Voice.

This validation procedure is performed on both the MDM Administration Console and the Samsung Android 7 with Knox device.

On the MDM console, do the following:
1. Ask the MDM administrator to display the "Allow S Voice" checkbox in the "Android Restrictions" rule.
2. Verify the checkbox is not selected.

On the Samsung Android 7 with Knox device, do the following:
1. Open the device settings.
2. Select "Applications".
3. Verify the S Voice application cannot be selected.

If the MDM console "Allow S Voice" checkbox is selected or on the Samsung Android 7 with Knox device, the S Voice application can be launched, this is a finding.

Check Content Reference

M

Target Key

3253

Comments