Check: LGA6-99-100010
LG Android 6-x STIG:
LGA6-99-100010
(in versions v1 r2 through v1 r1)
Title
LG Android 6.x must implement the management setting: Disable all non-approved preinstalled applications. (Cat II impact)
Discussion
Applications from various sources (including the vendor, the carrier, and Google) are installed on the device at the time of manufacture. Core apps are apps preinstalled by Google. Third-party preinstalled apps included apps from the vendor and carrier. Some of the applications can compromise DoD data or upload user's information to non-DoD approved servers. A user must be blocked from using such applications that exhibit behavior that can result in compromise of DoD data or DoD user information. The site administrator must analyze all pre-installed applications on the device and block all applications not approved for DoD use by configuring the "Application blacklist configuration (launch)". SFR ID: FMT_SMF_EXT.1.1 #45
Check Content
This validation procedure is performed on the MDM Administration Console. On the MDM console, do the following: 1. Ask the MDM administrator to display the "Application blacklist configuration (launch)” setting in the "Android Application" rule. 2. Verify the list contains all non-approved preinstalled applications. 3. Verify the policy has been assigned to all groups. See the Supplemental document for more information. If on the MDM console the "Application blacklist configuration (launch)" configuration does not contain all non-approved pre-installed applications, this is a finding.
Fix Text
Configure the mobile operating system to disable pre-installed applications which have not been approved by the Authorizing Official (AO). On the MDM Administration Console, add all pre-installed applications to the "Application blacklist configuration (launch)" setting in the "Android Applications" rule. Note: Refer to the Supplemental document for additional information.
Additional Identifiers
Rule ID: SV-81377r2_rule
Vulnerability ID: V-66887
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |