Network WLAN AP-IG Platform STIG

Network WLAN AP-IG Platform Security Technical Implementation Guide

ID Vuln ID Title Cat Status
WLAN-NW-000300 V-243208 The WLAN inactive session timeout must be set for 30 minutes or less. Cat II
WLAN-NW-000900 V-243212 The WLAN access point must be configured for Wi-Fi Alliance WPA2 or WPA3 security. Cat II
WLAN-NW-001200 V-243214 The network device must be configured to only permit management traffic that ingresses and egresses the out-of-band management (OOBM) interface. Cat II
WLAN-NW-000200 V-243207 WLAN SSIDs must be changed from the manufacturer's default to a pseudo random word that does not identify the unit, base, organization, etc. Cat III
WLAN-NW-000400 V-243209 WLAN components must be Wi-Fi Alliance certified with WPA2 or WPA3. Cat II
WLAN-NW-000600 V-243210 WLAN components must be FIPS 140-2 or FIPS 140-3 certified. Cat II
WLAN-NW-001000 V-243213 DoD Components providing guest WLAN access (internet access only) must use separate WLAN or logical segmentation of the enterprise WLAN (e.g., separate service set identifier [SSID] and virtual LAN) or DoD network. Cat II
WLAN-NW-000800 V-243211 WLAN signals must not be intercepted outside areas authorized for WLAN access. Cat III
WLAN-NW-001300 V-243215 The network device must not be configured to have any feature enabled that calls home to the vendor. Cat II


Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.

Version Changes

If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.