Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-35640 | SRG-APP-000242-MAPP-NA | SV-46927r1_rule | Medium |
Description |
---|
Use of non-modifiable storage ensures the integrity of the software program from the point of creation of the read-only image. Organizations may require the information system to load specified applications from hardware enforced read-only media. Hardware-enforced, read-only media include, CD-R/DVD-R disk drives. Rationale for non-applicability: Given the small form factor of mobile devices and the necessity to minimize the size and number of components, mobile devices are not expected to support read-only media for any application. Even in cases in which this requirement was enforced, it would be as a result of a policy requirement on specialized hardware. There is no technical means for an application to enforce this control as it has no control over the hardware on which it resides. |
STIG | Date |
---|---|
Mobile Application Security Requirements Guide | 2013-01-04 |
Check Text ( C-43982r1_chk ) |
---|
This requirement is NA for the MAPP SRG. |
Fix Text (F-40182r1_fix) |
---|
The requirement is NA. No fix is required. |