Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The cryptography implemented by the Wireless Local Area Network (WLAN) components must be FIPS 140-2 validated.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19900 | WIR0115-02 | SV-22070r3_rule | Medium |
| Description |
|---|
| Most known security breaches of cryptography result from improper implementation of the cryptography, not flaws in the cryptographic algorithms themselves. FIPS 140-2 validation provides assurance that cryptography is implemented correctly, and is required for Federal Government uses of cryptography in non-classified applications. |
| STIG | Date |
|---|---|
| Network Infrastructure Policy Security Technical Implementation Guide | 2016-12-22 |
Details
| Check Text ( C-25550r2_chk ) |
|---|
| Review the WLAN system product documentation. Verify the system is WPA2-Enterprise certified by the Wi-Fi Alliance. If the WLAN product is not WPA2-Enterprise certified, this is a finding. |
| Fix Text (F-34115r2_fix) |
|---|
| Procure WLAN equipment whose implementation of TLS has been FIPS 140-2 validated. |