STIGQter: STIG Summary: Honeywell Android 9.x COBO Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 14 Jan 2021:

Honeywell Mobility Edge Android Pie devices must have the DoD root and intermediate PKI certificates installed.

DISA Rule

SV-235055r626530_rule

Vulnerability Number

V-235055

Group Title

PP-MDF-991000

Rule Version

HONW-09-009000

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure Honeywell Android Pie devices to install DoD root and intermediate certificates.

On the MDM console, upload DoD root and intermediate certificates as part of a device and/or work profile.

The current DoD root and intermediate PKI certificates may be obtained in self-extracting zip files at http://cyber.mil/pki-pke (for NIPRNet).

Check Contents

Review device configuration settings to confirm that the DoD root and intermediate PKI certificates are installed.

This procedure is performed on both the MDM Administration console and the Honeywell Android Pie device.

The current DoD root and intermediate PKI certificates may be obtained in self-extracting zip files at http://cyber.mil/pki-pke (for NIPRNet).

On the MDM console, verify that the DoD root and intermediate certificates are part of a device and/or work profile that is being pushed down to the devices.

On the Honeywell Android Pie device:
1. Open Settings.
2. Tap "Security & Location".
3. Tap on "Advanced".
4. Tap on "Encryption & credentials".
5. Tap on "Trusted credentials".
6. Verify that DoD root and intermediate PKI certificates are listed under the user tab.

If on the MDM console the DoD root and intermediate certificates are not listed in a profile, or on the Honeywell Android Pie device does not list the DoD root and intermediate certificates under the user tab, this is a finding.

Vulnerability Number

V-235055

Documentable

False

Rule Version

HONW-09-009000

Severity Override Guidance

Review device configuration settings to confirm that the DoD root and intermediate PKI certificates are installed.

This procedure is performed on both the MDM Administration console and the Honeywell Android Pie device.

The current DoD root and intermediate PKI certificates may be obtained in self-extracting zip files at http://cyber.mil/pki-pke (for NIPRNet).

On the MDM console, verify that the DoD root and intermediate certificates are part of a device and/or work profile that is being pushed down to the devices.

On the Honeywell Android Pie device:
1. Open Settings.
2. Tap "Security & Location".
3. Tap on "Advanced".
4. Tap on "Encryption & credentials".
5. Tap on "Trusted credentials".
6. Verify that DoD root and intermediate PKI certificates are listed under the user tab.

If on the MDM console the DoD root and intermediate certificates are not listed in a profile, or on the Honeywell Android Pie device does not list the DoD root and intermediate certificates under the user tab, this is a finding.

Check Content Reference

M

Target Key

5275

Comments