Check: KNOX-14-240110
Samsung Android OS 14 with Knox 3.x COPE STIG:
KNOX-14-240110
(in versions v1 r2 through v1 r1)
Title
Samsung Android must be configured to disable ad hoc wireless client-to-client connection capability. (Cat II impact)
Discussion
Ad hoc wireless client-to-client connections allow mobile devices to communicate with each other directly, circumventing network security policies and making the traffic invisible. This could allow the exposure of sensitive DOD data and increase the risk of downloading and installing malware of the DOD mobile device. SFR ID: FMT_SMF_EXT.1.1/WLAN
Check Content
Review the configuration to determine if the Samsung Android devices are disallowing Wi-Fi Direct. This validation procedure is performed on both the management tool and the Samsung Android device. On the management tool, in the user restrictions, verify "Wi-Fi Direct" has been set to "Disallow". On the Samsung Android device: 1. Open Settings >> Connections >> Wi-Fi. 2. From the hamburger menu, select Wi-Fi Direct. 3. Verify no available devices are listed. If on the management tool "Wi-Fi Direct" is not set to "Disallow", or on the Samsung Android device a Wi-Fi direct device is listed that can be connected to, this is a finding.
Fix Text
Configure the Samsung Android devices to disallow Wi-Fi Direct. On the management tool, in the user restrictions, set "Wi-Fi Direct" to "Disallow". Wi-Fi direct connections and pairing between devices will become unavailable.
Additional Identifiers
Rule ID: SV-258702r931306_rule
Vulnerability ID: V-258702
Group Title: PP-MDF-333330
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002536 |
The information system protects organization-defined external and internal wireless links from organization-defined types of signal parameter attacks or references to sources for such attacks. |
Controls
Number | Title |
---|---|
SC-40 |
Wireless Link Protection |