Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The macOS system must be configured with Wi-Fi support software disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-95801 | AOSX-14-000008 | SV-104939r1_rule | Medium |
| Description |
|---|
| Allowing devices and users to connect to or from the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Since wireless communications can be intercepted, it is necessary to use encryption to protect the confidentiality of information in transit. Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication. Satisfies: SRG-OS-000299-GPOS-00117, SRG-OS-000300-GPOS-00118 |
| STIG | Date |
|---|---|
| Apple OS X 10.14 (Mojave) Security Technical Implementation Guide | 2019-12-20 |
Details
| Check Text ( C-94631r1_chk ) |
|---|
| If the system requires Wi-Fi to connect to an authorized network, this is Not Applicable. To check if the Wi-Fi network device is disabled, run the following command: /usr/bin/sudo /usr/sbin/networksetup -listallnetworkservices A disabled device will have an asterisk in front of its name. If the Wi-Fi device is missing this asterisk, this is a finding. |
| Fix Text (F-101469r1_fix) |
|---|
| To disable the Wi-Fi network device, run the following command: /usr/bin/sudo /usr/sbin/networksetup -setnetworkserviceenabled "Wi-Fi" off |