Title

The VMM must protect wireless access to the system using authentication of users and/or devices. (Cat II impact)

Discussion

Allowing devices and users to connect to the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication. This requirement applies to those VMMs that control wireless devices.

Check Content

Verify the VMM protects wireless access to the system using authentication of users and/or devices. If it does not, this is a finding.

Fix Text

Configure the VMM to protect wireless access to the system using authentication of users and/or devices.

Additional Identifiers

Rule ID: SV-207438r958678_rule

Vulnerability ID: V-207438

Group Title: SRG-OS-000300

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.