Title

The operating system must protect wireless access to and from the system using encryption. (Cat II impact)

Discussion

Allowing devices and users to connect to or from the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Since wireless communications can be intercepted, it is necessary to use encryption to protect the confidentiality of information in transit. Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication. This requirement applies to those operating systems that control wireless devices. Satisfies: SRG-OS-000299-GPOS-00117, SRG-OS-000481-GPOS-000481

Check Content

Verify the operating system protects wireless access to and from the system using encryption. If it does not, this is a finding. Ask the system administrator if Wifi or other wireless system is in use on the system.

Fix Text

Configure the operating system to protect wireless access to and from the system using encryption.

Additional Identifiers

Rule ID:

Vulnerability ID: V-1170

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.