UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

NSA Type1 products and required procedures must be used to protect classified data at rest (DAR) on wireless devices used on a classified WLAN or WMAN.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3512 WIR0235 SV-3512r9_rule ECWN-1 High
Description
NSA Type 1 products provide a high level of assurance that cryptography is implemented correctly and meets the standards for storage of classified information. Use of cryptography that is not Type 1 certified violates policy and increases the risk that classified data will be compromised.
STIG Date
L3 KOV-26 Talon (Wireless Role) Security Technical Implementation Guide 2011-10-07

Details

Check Text ( C-4027r7_chk )
Detailed Policy requirements:

Type 1 products and required procedures must be used to protect classified data-at-rest on wireless computers that are used on a classified WLAN or WMAN.

If NSA Type1 certified DAR encryption is not available, the following requirements apply:

- The storage media shall be physically removed from the computer and stored within a COMSEC-approved security container when the computer is not being used.
- The entire computer shall be placed within a COMSEC-approved security container, if the computer has embedded storage media that cannot be removed.

Check Procedures:

Interview the IAO to determine if devices with wireless functionality (e.g., laptops or PDAs with embedded radios) are used to store classified data. If yes, verify the device is an NSA Type 1 certified product.
Mark as a finding if a Type 1 product is not used, or if the storage media or device is not stored in a COMSEC-approved security container when not in use.
Fix Text (F-34121r1_fix)
Immediately discontinue use of the non-compliant device.