Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Samsung Android 12 with Knox 3.x COBO Security Technical Implementation Guide
PP-MDF-990000
PP-MDF-990000
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
PP-MDF-990000
1 Rule
<GroupDescription></GroupDescription>
Samsung Android must be configured to enable Common Criteria (CC) Mode.
Low Severity
<VulnDiscussion>The CC Mode feature is a superset of other features and behavioral changes that are mandatory MDFPP requirements. If CC mode is not implemented the device will not be operating in the NIAP-certified compliant CC Mode of operation. When enforcing AE CC mode on a Samsung Android device, additional Samsung specific security features are also enabled. CC Mode implements the following behavioral/functional changes to meet MDFPP requirements: - How the Bluetooth and Wi-Fi keys are stored using different types of encryption. - Download Mode is disabled and all updates will occur via FOTA only In addition, CC Mode adds new restrictions, which are not to meet MDFPP requirements, but to offer better security above what is required: - Force password info following FOTA update for consistency - Disable Remote unlock by FindMyMobile - Restrict biometric attempts to 10 for better security SFR ID: FMT_MOF_EXT.1.2 #47</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>