STIGQter: STIG Summary: Samsung Android OS 8 with Knox 3.x COPE Use Case Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 25 Oct 2019: Samsung Android 8 with Knox must use a NIAP-certified CONTAINER for work data and applications.

DISA Rule

SV-95011r1_rule

Vulnerability Number

V-80307

Group Title

PP-MDF-991000

Rule Version

KNOX-08-007100

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Deploy DoD Samsung mobile devices with the Knox CONTAINER and implement the Knox CONTAINER. (See requirement KNOX-08-007000.)

Note: Samsung Knox is currently the only CONTAINER technology/application that is NIAP certified for Samsung mobile devices.

Check Contents

Review Samsung Android 8 with Knox configuration settings to determine if the mobile device has the Knox CONTAINER enabled.

This validation procedure is performed on both the MDM Administration Console and the Samsung Android 8 with Knox device.

On the MDM console, do the following:
1. Ask the MDM Administrator to display the "Android Knox CONTAINER" rule.
2. Verify the existence of this rule.

On the Samsung Android 8 with Knox device, do the following:
Verify the existence of the Knox icon on the device home screen or application menu or the notification bar pull-down menu.

If the MDM console "Android Knox CONTAINER" rule is not found in the MDM agent rule list (MDM vendor-specific check) or on the Samsung Android 8 with Knox device, the Knox icon is not present, this is a finding.

Vulnerability Number

V-80307

Documentable

False

Rule Version

KNOX-08-007100

Severity Override Guidance

Review Samsung Android 8 with Knox configuration settings to determine if the mobile device has the Knox CONTAINER enabled.

This validation procedure is performed on both the MDM Administration Console and the Samsung Android 8 with Knox device.

On the MDM console, do the following:
1. Ask the MDM Administrator to display the "Android Knox CONTAINER" rule.
2. Verify the existence of this rule.

On the Samsung Android 8 with Knox device, do the following:
Verify the existence of the Knox icon on the device home screen or application menu or the notification bar pull-down menu.

If the MDM console "Android Knox CONTAINER" rule is not found in the MDM agent rule list (MDM vendor-specific check) or on the Samsung Android 8 with Knox device, the Knox icon is not present, this is a finding.

Check Content Reference

M

Target Key

3367

Comments