Samsung Android OS 8 (with Knox 3.x) STIG Ver 1, Rel 3 Checklist Details (Checklist Revisions)

Supporting Resources:


Target CPE Name
Google Android 8.0 cpe:/o:google:android:8.0 (View CVEs)

Checklist Highlights

Checklist Name:
Samsung Android OS 8 (with Knox 3.x) STIG
Checklist ID:
Ver 1, Rel 3
Review Status:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:

Checklist Summary:

The Samsung Android OS 8 with Knox 3.x Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Samsung Android 8 with Knox devices. The scope of this STIG covers only the Corporate Owned Personally Enabled (COPE) and Corporate Owned Business Only (COBO)1 use cases. The Bring Your Own Device (BYOD) and Choose Your Own Device (CYOD)2 use cases are not in scope for this STIG. This STIG is published as two documents, one covering the COPE use case and the other covering the COBO use case.

Checklist Role:

  • Operating System

Known Issues:

Not provided.

Target Audience:

This document is a requirement for all DoD administered systems and all systems connected to DoD networks. These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoD Directive (DoDD) 8500.1 and 8500.2


Comments or proposed revisions to this document should be sent via email to the following address: DISA will coordinate all change requests with the relevant DoD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA maintenance release schedule.


Not provided.

Product Support:

Parties within the DoD and Federal Government’s computing environments can obtain the applicable STIG from the Information Assurance Support Environment (IASE) website. This site contains the latest copies of any STIGs, SRGs, and other related security information. The address for the IASE site is

Point of Contact:


Not provided.


Not provided.

Change History:

New Checklist - 6/26/2018
Updated to FINAL - 7/27/18
Corrected SHA discrepancy - 8/6/18
updated to  Ver 1, Rel 2 - 1/22/19
Updated to FINAL - 2/19/19
Updated URLs - 6/13/19
Updated URLs - 8/12/2019
updated URLs - 11/1/19
Updated URLs per DISA - 4/24/2020
Sunset as per DISA - 8/4/2020
sunset per disa - 8/4/2020


URL Description


Reference URL Description

NIST checklist record last modified on 08/04/2020