Check: WIR0115-3
WLAN Controller STIG (STIG):
WIR0115-3
(in version v6 r15)
Title
WLAN components must be FIPS 140-2 certified. (Cat II impact)
Discussion
If the DoD WLAN components (WLAN AP, controller, or client) are not NIST FIPS 140-2 (Cryptographic Module Validation Program – CMVP) certified, the WLAN system may not adequately protect sensitive unclassified DoD data from compromise during transmission.
Check Content
Review the WLAN equipment specification and verify it is FIPS 140-2 (CMVP) certified for data in transit, including authentication credentials. If the WLAN equipment is not is FIPS 140-2 (CMVP) certified, this is a finding.
Fix Text
Use WLAN equipment that is FIPS 140-2 (CMVP) certified.
Additional Identifiers
Rule ID: SV-102339r1_rule
Vulnerability ID: V-92237
Group Title: WLAN FIPS 140-2 Certified
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |