Check: WLAN-NW-000300
Network WLAN AP-IG Platform STIG:
WLAN-NW-000300
(in version v7 r1)
Title
The WLAN inactive session timeout must be set for 30 minutes or less. (Cat II impact)
Discussion
A WLAN session that never terminates due to inactivity may allow an opening for an adversary to highjack the session to obtain access to the network.
Check Content
1. Review the relevant configuration screen of the WLAN controller or access point. 2. Verify the session timeout setting is set for 30 minutes or less. If this session timeout is not set to 30 minutes or less for the entire WLAN or the WLAN does not have the capability to enable the session timeout feature, this is a finding.
Fix Text
Set the WLAN inactive session timeout to 30 minutes or less.
Additional Identifiers
Rule ID: SV-243208r720079_rule
Vulnerability ID: V-243208
Group Title: SRG-NET-000514
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000057 |
The information system initiates a session lock after the organization-defined time period of inactivity. |
Controls
Number | Title |
---|---|
AC-11 |
Session Lock |