UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The organization must ensure physical security controls are implemented for Secure WLAN (SWLAN) access points.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36003 SRG-MPOL-085 SV-47319r1_rule Medium
Description
If an adversary is able to gain physical access to a SWLAN device, he/she may be able to compromise the device in a variety of ways, some of which could enable the adversary to obtain classified data. Physical security controls greatly mitigate this risk. The following physical security controls must be implemented for SWLAN access points: - Secure WLAN access points shall be physically secured, and methods shall exist to facilitate the detection of tampering. WLAN APs are part of a communications system and shall have controlled physical security, in accordance with DoDD 5200.08-R. SWLAN access points not within a location that provides limited access shall have controlled physical security with either fencing or inspection. - Either physical inventories or electronic inventories shall be conducted daily by viewing or polling the serial number or MAC address. Access points not stored in a COMSEC-approved security container shall be physically inventoried.
STIG Date
Mobile Policy Security Requirements Guide 2013-01-24

Details

Check Text ( C-44240r1_chk )
Review the physical security controls of the SWLAN access points.

- Verify site SWLAN access points are physically secured.
- Verify there is some method for alerting site security if the access point has been tampered with.
- Determine if site SWLAN access points are in locations that provide limited access to only authorized personnel who are approved to access the access points.
- Determine how the site conducts a daily physical inventory of SWLAN access points. Verify that required inventory methods are used, depending on whether the access points are stored in a COMSEC container.

If physical security controls are not implemented for SWLAN access points, this is a finding.
Fix Text (F-40530r1_fix)
Implement required physical security controls for the SWLAN.