Network WLAN AP-IG Platform STIG

Network WLAN AP-IG Platform Security Technical Implementation Guide

ID Vuln ID Title Cat Status
WLAN-NW-000300 V-243208 The WLAN inactive session timeout must be set for 30 minutes or less. Cat II
WLAN-NW-000900 V-243212 The WLAN access point must be configured for Wi-Fi Alliance WPA2 or WPA3 security. Cat II
WLAN-NW-001200 V-243214 The network device must be configured to only permit management traffic that ingresses and egresses the out-of-band management (OOBM) interface. Cat II
WLAN-NW-000200 V-243207 WLAN SSIDs must be changed from the manufacturer's default to a pseudo random word that does not identify the unit, base, organization, etc. Cat III
WLAN-NW-000400 V-243209 WLAN components must be Wi-Fi Alliance certified with WPA2 or WPA3. Cat II
WLAN-NW-000600 V-243210 WLAN components must be FIPS 140-2 or FIPS 140-3 certified. Cat II
WLAN-NW-001000 V-243213 DoD Components providing guest WLAN access (internet access only) must use separate WLAN or logical segmentation of the enterprise WLAN (e.g., separate service set identifier [SSID] and virtual LAN) or DoD network. Cat II
WLAN-NW-000800 V-243211 WLAN signals must not be intercepted outside areas authorized for WLAN access. Cat III
WLAN-NW-001300 V-243215 The network device must not be configured to have any feature enabled that calls home to the vendor. Cat II

Print

Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Print

Version Changes

If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.
Changes