Detections
Analytics
KNOX-07-017000 - The Samsung DeX Station multimedia dock must not be connected directly to a DoD network.
Information
If the Samsung DeX Station multimedia dock is connected to a DoD network, the Samsung smartphone connected to the DeX Station will be connected to the DoD network as well. The Samsung smartphone most likely has a number of personal apps installed that may include malware or have high risk behaviors (for example, off load data from the phone to third-party servers outside the United States). In addition, Smartphones do not generally meet security requirements for computer devices to connect directly to DD networks.Note: The Samsung DeX Station will not work unless "USB host storage" is enabled (see requirement KNOX-07-012600 for more information).
SFR ID: FMT_MOF_EXT.1.2 #47
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
When using the DeX Station multimedia dock with a DoD Samsung smartphone, do not connect the DeX Station to a DoD network via a wired or wireless connection.Note: This setting cannot be managed by the MDM administrator and is a User Based Enforcement (UBE) requirement.
See Also
https://iasecontent.disa.mil/stigs/zip/U_Samsung_Android_OS_7_with_Knox_2-x_V1R1_STIG.zip
Item Details
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6(1), 800-53|CM-6b., CAT|II, CCI|CCI-000366, CCI|CCI-000370, Rule-ID|SV-91293r1_rule, STIG-ID|KNOX-07-017000, Vuln-ID|V-76597
Plugin: MDM
Control ID: ee0609da3ccce3c53913e07fab4a99e20fdfe0ce749111eb8900564c995c7e7e