Title

Remote access devices will be configured so that the operation of the NIC and the modem are mutually exclusive. (Cat III impact)

Discussion

Disabling of the NIC while the modem is enabled reduces the risk associated with being on a LAN with a dial up connection.

Check Content

This check verifies the remote access device is configured to prevent simultaneous use of the NIC and modem for communications. Verify that the remote device is configured to use at least two hardware profiles. One profile enables the modem and disables the NIC, while the second profile disables the modem but enables the NIC. Navigate to the Control Panel folder and select the “System” applet. Select the “Hardware” tab for the System Properties menu. Click “Cancel” to return to the “System Properties” dialog box. Click the “Device Manager” button. Expand and view the properties for the modem and the Network Adapter (controller). Review the selection in the “Device Usage” area. Reboot and select another hardware profile upon restart. Repeat the above steps to view the modem and NIC in the other profile. If profiles are not in use on the remote device, this is a finding. If “Use this device (enable)” is selected for both the modem and the NIC in a single hardware profile, this is a finding.

Fix Text

Create a hardware profile that disables the modem when the network card is active.

Additional Identifiers

Rule ID: SV-6797r1_rule

Vulnerability ID: V-6651

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.