Boundary protection applications must prevent discovery of specific system components (or devices) composing a managed interface.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35670	SRG-APP-000252-MAPP-NA	SV-46957r1_rule		Medium

Description
Firewall control requirement for isolating and preventing the discovery of management interfaces. This control enhancement is intended to protect the network addresses of information system components that are part of the managed interface from discovery through common tools and techniques used to identify devices on a network. Rationale for non-applicability: The requirement for application sandboxing precludes applications from serving as a security boundary for other applications. If an application were granted the ability to perform this function, the application could perform a man-in-the-middle attack on other applications running on the device.

Description

Firewall control requirement for isolating and preventing the discovery of management interfaces. This control enhancement is intended to protect the network addresses of information system components that are part of the managed interface from discovery through common tools and techniques used to identify devices on a network. Rationale for non-applicability: The requirement for application sandboxing precludes applications from serving as a security boundary for other applications. If an application were granted the ability to perform this function, the application could perform a man-in-the-middle attack on other applications running on the device.

STIG	Date
Mobile Application Security Requirements Guide	2013-01-04

Details

Check Text ( C-44012r1_chk )
This requirement is NA for the MAPP SRG.

Fix Text (F-40212r1_fix)
e requirement is NA. No fix is required.