Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
WLAN components must be FIPS 140-2 or FIPS 140-3 certified.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-243221 | WLAN-NW-000600 | SV-243221r720118_rule | Medium |
| Description |
|---|
| If the DoD WLAN components (WLAN AP, controller, or client) are not NIST FIPS 140-2/FIPS 140-3 (Cryptographic Module Validation Program, CMVP) certified, the WLAN system may not adequately protect sensitive unclassified DoD data from compromise during transmission. |
| STIG | Date |
|---|---|
| Network WLAN AP-NIPR Platform Security Technical Implementation Guide | 2021-04-16 |
Details
| Check Text ( C-46496r720116_chk ) |
|---|
| Review the WLAN equipment specification and verify it is FIPS 140-2/3 (CMVP) certified for data in transit, including authentication credentials. If the WLAN equipment is not is FIPS 140-2/3 (CMVP) certified, this is a finding. |
| Fix Text (F-46453r720117_fix) |
|---|
| Use WLAN equipment that is FIPS 140-2/3 (CMVP) certified. |