Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-36003 | SRG-MPOL-085 | SV-47319r1_rule | Medium |
Description |
---|
If an adversary is able to gain physical access to a SWLAN device, he/she may be able to compromise the device in a variety of ways, some of which could enable the adversary to obtain classified data. Physical security controls greatly mitigate this risk. The following physical security controls must be implemented for SWLAN access points: - Secure WLAN access points shall be physically secured, and methods shall exist to facilitate the detection of tampering. WLAN APs are part of a communications system and shall have controlled physical security, in accordance with DoDD 5200.08-R. SWLAN access points not within a location that provides limited access shall have controlled physical security with either fencing or inspection. - Either physical inventories or electronic inventories shall be conducted daily by viewing or polling the serial number or MAC address. Access points not stored in a COMSEC-approved security container shall be physically inventoried. |
STIG | Date |
---|---|
Mobile Policy Security Requirements Guide | 2013-01-24 |
Check Text ( C-44240r1_chk ) |
---|
Review the physical security controls of the SWLAN access points. - Verify site SWLAN access points are physically secured. - Verify there is some method for alerting site security if the access point has been tampered with. - Determine if site SWLAN access points are in locations that provide limited access to only authorized personnel who are approved to access the access points. - Determine how the site conducts a daily physical inventory of SWLAN access points. Verify that required inventory methods are used, depending on whether the access points are stored in a COMSEC container. If physical security controls are not implemented for SWLAN access points, this is a finding. |
Fix Text (F-40530r1_fix) |
---|
Implement required physical security controls for the SWLAN. |