The Samsung Android device must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)].
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-268973 | KNOX-15-010300 | SV-268973r1036015_rule | Medium |
| Description |
| If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DOD information systems. An adversary could exploit vulnerabilities created by the weaker configuration to compromise DOD sensitive information. SFRID: FMT_MOF_EXT.1.2 #24 |
| STIG | Date |
| Samsung Android OS 15 with Knox 3.x COBO Security Technical Implementation Guide | 2024-12-10 |
Details
| Check Text (C-73003r1036013_chk) |
| Review the device configuration to confirm the USB port is disabled except for charging the device. On the management tool: Verify "Disallow usb file transfer" is toggled to "OFF". If on the management tool the USB port is not disabled, this is a finding. |
| Fix Text (F-72904r1036014_fix) |
| Configure the Samsung device to disable the USB port (except for charging the device). On the management tool: Toggle "Disallow usb file transfer" to "OFF". |