The Incident Response Plan (IRP) and/or SOP must have the required procedures for reporting the results of WMAN intrusion scans.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35941 | SRG-MPOL-023 | SV-47257r1_rule | Low |
| Description |
|---|
| If scan results are not properly reported and acted on, the site could be vulnerable to wireless attack. This requirement originated in DTM 08-039, "Commercial Wireless Metropolitan Area Network (WMAN) Systems and Technology." |
| STIG | Date |
|---|---|
| Mobile Policy Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-44178r1_chk ) |
|---|
| Review the site Incident Response Plan (IRP) or Standard Operating Procedure (SOP) to determine if it includes procedures for reporting unauthorized access, intrusion, jamming, or electromagnetic interference identified during active electromagnetic scanning for wireless systems that connect directly to DoD networks. If the IRP or SOP does not address these requirements, this is a finding. |
| Fix Text (F-40466r1_fix) |
|---|
| Update the IRP and/or SOP to have the required procedures for reporting the results of WMAN intrusion scans. |