All wireless devices must be configured according to applicable operating system STIGs.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-14274 | WIR0150 | SV-14886r8_rule | ECSC-1 | Medium |
| Description |
|---|
| Security risks inherent to the particular client operating systems such as Windows and Linux must be mitigated in addition to wireless security risks to achieved multilayered security. |
| STIG | Date |
|---|---|
| Harris SecNet 11 / 54 Security Technical Implementation Guide | 2011-10-07 |
Details
| Check Text ( C-11768r3_chk ) |
|---|
| This check does not apply to PDAs. -Verify existence of applicable operating system SRR, Gold Disk review, and/or self assessment results. If some type of compliance review has not been performed, work with the Team Lead and Windows reviewer to run the Gold Disk or SRR scripts on a representative sample of the wireless laptops. -Mark this as a finding if: - The site has not regularly performed a Gold Disk/self assessment or - The Windows reviewer determines that the laptop is not STIG-compliant. NOTE: The OS review must include verification that the antivirus and personal firewall application(s) are installed and configured as required by the Desktop Application STIG. |
| Fix Text (F-34135r1_fix) |
|---|
| Reconfigure the operating system supporting the WLAN client so that it is compliant with the relevant OS STIG. |