The network element must authenticate devices before establishing wireless network connections using bidirectional authentication between cryptographically based devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34101	SRG-NET-000150-DNS-NA	SV-44554r1_rule		Medium

Description
Without authentication, an unauthorized user can easily connect to a nearby access-point (AP) within the enclave. In addition, a rogue AP owned by an attacker can accept connections from wireless stations enabling it to intercept traffic and initiate man-in-the-middle attacks before allowing traffic to flow to the intended host. Hence, it is imperative that authentication is bidirectional using cryptography to ensure a high level of trust and authenticity. Network device authentication is not a function of DNS.

Description

Without authentication, an unauthorized user can easily connect to a nearby access-point (AP) within the enclave. In addition, a rogue AP owned by an attacker can accept connections from wireless stations enabling it to intercept traffic and initiate man-in-the-middle attacks before allowing traffic to flow to the intended host. Hence, it is imperative that authentication is bidirectional using cryptography to ensure a high level of trust and authenticity. Network device authentication is not a function of DNS.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-42060r1_chk )
This is not a function of DNS.

Fix Text (F-38011r1_fix)
This requirement is NA for DNS. No fix required.