STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Google Android 16 COPE Security Technical Implementation Guide

V-276885

CAT II (Medium)

Google Android 16 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)].

Rule ID

SV-276885r1140447_rule

STIG

Google Android 16 COPE Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-002235

Discussion

If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DOD information systems. An adversary could exploit vulnerabilities created by the weaker configuration to compromise DOD sensitive information. SFR ID: FMT_MOF_EXT.1.2 #24

Check Content

Review the device configuration to confirm that the USB port is disabled except for charging the device.

On the EMM console:

COBO and COPE:

1. Open "Set user restrictions".
2. Verify that "Disallow USB file transfer" is set to "ON".
 
If on the EMM console the USB port is not disabled ("Disallow USB file transfer" is set to "ON"), this is a finding.

Fix Text

Configure the Google Android 16 device to disable the USB port (except for charging the device).

On the EMM console:

COBO and COPE:

1. Open "Set user restrictions".
2. Toggle "Disallow USB file transfer" to "ON".

Configuration API: DISALLOW_USB_FILE_TRANSFER