STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated just now
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Google Android 17 COBO Security Technical Implementation Guide

V-284733

CAT II (Medium)

Google Android 17 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)].

Rule ID

SV-284733r1240604_rule

STIG

Google Android 17 COBO Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-002235

Discussion

If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DoW information systems. An adversary could exploit vulnerabilities created by the weaker configuration to compromise DoW sensitive information. SFR ID: FMT_MOF_EXT.1.2 #24

Check Content

Review the device configuration to confirm that the USB port is disabled except for charging the device.

On the EMM console:

COBO and COPE:

1. Open "Set user restrictions".
2. Verify that "Disallow USB file transfer" is set to "ON".
 
If on the EMM console the USB port is not disabled ("Disallow USB file transfer" is set to "ON"), this is a finding.

Fix Text

Configure the Google Android 17 device to disable the USB port (except for charging the device).

On the EMM console:

COBO and COPE:

1. Open "Set user restrictions".
2. Toggle "Disallow USB file transfer" to "ON".

Configuration API: DISALLOW_USB_FILE_TRANSFER