| KNOX-07-000100 - The Samsung Android 7 with Knox must be configured to enforce a minimum password length of six characters. | IDENTIFICATION AND AUTHENTICATION |
| KNOX-07-000200 - The Samsung must be configured to not allow passwords with more than two repeating or sequential characters - Characters | CONFIGURATION MANAGEMENT |
| KNOX-07-000200 - The Samsung must be configured to not allow passwords with more than two repeating or sequential characters - Numbers | CONFIGURATION MANAGEMENT |
| KNOX-07-000500 - The Samsung Android 7 with Knox must be configured to lock the display after 15 minutes (or less) of inactivity. | ACCESS CONTROL |
| KNOX-07-000600 - The Samsung Android 7 with Knox must be configured to not allow more than 10 consecutive failed authentication attempts. | ACCESS CONTROL |
| KNOX-07-001100 - The Samsung Android 7 with Knox must be configured to enforce an application installation policy. Disable Google Play. | CONFIGURATION MANAGEMENT |
| KNOX-07-001200 - The Samsung Android 7 with Knox must be configured to enforce an application installation policy. Disable unknown sources. | CONFIGURATION MANAGEMENT |
| KNOX-07-001400 - The Samsung Android 7 with Knox must be configured to enforce an application installation policy. | CONFIGURATION MANAGEMENT |
| KNOX-07-001600 - The Samsung whitelist must be configured to not include applications that Back up MD data to non-DoD cloud servers. | CONFIGURATION MANAGEMENT |
| KNOX-07-001700 - The Samsung whitelist must be configured to not include applications that Transmit MD diagnostic data to non-DoD servers. | CONFIGURATION MANAGEMENT |
| KNOX-07-001800 - The Samsung whitelist must be configured to not include applications with Voice assistant available when MD is locked. | CONFIGURATION MANAGEMENT |
| KNOX-07-001900 - The Samsung whitelist must be configured to not include applications with Voice dialing application when MD is locked. | CONFIGURATION MANAGEMENT |
| KNOX-07-002000 - The Samsung whitelist must be configured to not include applications that Allows synchronization of data. | CONFIGURATION MANAGEMENT |
| KNOX-07-002200 - The Samsung whitelist must be configured to not include applications that Allows unencrypted data sharing. | CONFIGURATION MANAGEMENT |
| KNOX-07-002400 - Disable all Bluetooth profiles except for HSP, HFP, and SPP - Bluetooth Audio Only | CONFIGURATION MANAGEMENT |
| KNOX-07-002400 - Disable all Bluetooth profiles except for HSP, HFP, and SPP - HSP, HFP, and SPP profiles | CONFIGURATION MANAGEMENT |
| KNOX-07-002600 - The Samsung must be configured to not display the following notifications when the device is locked: All notifications. | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-003000 - The Samsung must be configured to enable encryption for information at rest on removable storage media. | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-003300 - The Samsung must be configured to disable authentication mechanisms providing user access to protected data - Password | CONFIGURATION MANAGEMENT |
| KNOX-07-003300 - The Samsung must be configured to disable authentication mechanisms providing user access to protected data - Trust Agents | CONFIGURATION MANAGEMENT |
| KNOX-07-003700 - The Samsung Android 7 with Knox must be configured to disable developer modes. | CONFIGURATION MANAGEMENT |
| KNOX-07-004300 - The Samsung must be configured to display the DoD advisory warning message at start-up or when the user unlocks the device. | ACCESS CONTROL |
| KNOX-07-004500 - The Samsung Android 7 with Knox must be configured to disable USB mass storage mode. | CONFIGURATION MANAGEMENT |
| KNOX-07-004700 - The Samsung must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | ACCESS CONTROL |
| KNOX-07-004900 - The Samsung must be configured to not allow backup to remote systems: Deselect Allow Google Backup. | ACCESS CONTROL |
| KNOX-07-004950 - The Samsung must be configured to not allow backup to remote systems: Disable Allow Google Accounts Auto Sync. | ACCESS CONTROL |
| KNOX-07-005100 - The Samsung must be configured to enable authentication of hotspot connections to the device using a preshared key. | ACCESS CONTROL |
| KNOX-07-005500 - The Samsung must be configured to disable exceptions to the access control policy. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| KNOX-07-005700 - The Samsung must be configured to disable automatic transfer of diagnostic data. Disable Google Crash Report. | CONFIGURATION MANAGEMENT |
| KNOX-07-005900 - The Samsung must be configured to disable automatic transfer of diagnostic data. Disable Report Diagnostic Info. | CONFIGURATION MANAGEMENT |
| KNOX-07-006100 - The Samsung Android 7 with Knox must be configured to disable multi-user modes. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| KNOX-07-012100 - The Samsung Android 7 with Knox must implement the management setting: Enable CC mode. | CONFIGURATION MANAGEMENT |
| KNOX-07-012300 - The Samsung Android 7 with Knox must implement the management setting: Install DoD root and intermediate PKI certificates. | CONFIGURATION MANAGEMENT |
| KNOX-07-012400 - The Samsung Android 7 with Knox must implement the management setting: Disable Allow New Admin Install. | CONFIGURATION MANAGEMENT |
| KNOX-07-012500 - The Samsung Android 7 with Knox must implement the management setting: Configure application install blacklist. | CONFIGURATION MANAGEMENT |
| KNOX-07-012600 - The Samsung Android 7 with Knox must implement the management setting: Disable USB host storage. | CONFIGURATION MANAGEMENT |
| KNOX-07-012700 - The Samsung Android 7 with Knox must implement the management setting: Disable S Voice. | CONFIGURATION MANAGEMENT |
| KNOX-07-012800 - The Samsung Android 7 with Knox must be configured to implement the management setting: Enable Container. | CONFIGURATION MANAGEMENT |
| KNOX-07-012900 - The Samsung Android 7 with Knox must implement the management setting: Disable Admin Remove. | CONFIGURATION MANAGEMENT |
| KNOX-07-013000 - The Samsung Android 7 with Knox must implement the management setting: Enable Certificate Revocation Status (CRL) Check. | CONFIGURATION MANAGEMENT |
| KNOX-07-013100 - The Samsung Android 7 with Knox must implement the management setting: Disable Manual Date Time Changes. | CONFIGURATION MANAGEMENT |
| KNOX-07-013900 - The Samsung Android 7 with Knox must implement the management setting: Disable Move Files from Container to Personal. | CONFIGURATION MANAGEMENT |
| KNOX-07-014300 - The Samsung Android 7 with Knox must implement the management setting: Container Account whitelist. | CONFIGURATION MANAGEMENT |
| KNOX-07-017000 - The Samsung DeX Station multimedia dock must not be connected directly to a DoD network. | CONFIGURATION MANAGEMENT |
| KNOX-07-017100 - The VPN client must be configured: 1. Disabled 2. Configured for container use only. 3. Configured for per app use. | ACCESS CONTROL |
| KNOX-07-017110 - The VPN client must be configured: 1. Disabled 2. Configured for container use only 3. Configured for per app use. | ACCESS CONTROL |
| KNOX-07-017120 - The VPN client must be configured: 1. Disabled 2. Configured for container use only. 3. Configured for per app use. | ACCESS CONTROL |
| KNOX-07-017130 - If a third-party VPN client is installed, it must not be configured with a DoD network (work) VPN profile. | ACCESS CONTROL |
| KNOX-07-017200 - The Samsung Android 7 with Knox must be configured to disable Phone Visibility. | CONFIGURATION MANAGEMENT |
| KNOX-07-017400 - The Samsung must be configured to disable authentication mechanisms providing user access. Disable Face Recognition. | CONFIGURATION MANAGEMENT |
