Check: SRG-MPOL-012
Mobile Policy SRG:
SRG-MPOL-012
(in version v1 r2)
Title
The organization concept of operations (CONOPS) or site security plan must include guidance that signal amplification, antenna configuration, or other techniques must not be modified in Bluetooth radios that could affect signal detection or interception. (Cat II impact)
Discussion
If Bluetooth radio modifications have been made, security personnel cannot predict potential vulnerabilities of the system due to lack of security analysis of the modified state.
Check Content
Review the CONOPS or site security plan on the use of Bluetooth devices and determine if the radio is in conformance with the specifications. If wireless equipment or systems are activated inside the United States and Possessions, then this requirement is NA. If any modifications (signal amplification, antenna modification, etc.) have been made, this is a finding.
Fix Text
Update CONOPS or site security plan to include Bluetooth radios must not be modified through signal amplification, antenna configuration, or other techniques that could affect signal detection or interception.
Additional Identifiers
Rule ID:
Vulnerability ID: V-35930
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001438 |
The organization establishes usage restrictions for wireless access. |
Controls
Number | Title |
---|---|
AC-18 |
Wireless Access |