UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network element must monitor for unauthorized connections of mobile devices to information systems.


Overview

Finding ID Version Rule ID IA Controls Severity
V-26993 SRG-NET-000071 SV-34287r1_rule Medium
Description
Wireless services enable users within close proximity of access points to have access to data and services within the private network. The security boundary of a Wireless LAN extends from the client device to the network boundary where network access is controlled. This boundary represents the portion of the network most vulnerable to attack and thereby must be protected. Unless restrictions are put in place, a user connecting to the enclave via wireless access can access/perform everything he/she could access/perform as those connected via Ethernet. Monitoring will ensure unauthorized access to the enclave’s resources and data will not go undetected. Use of unapproved devices to process non-publicly releasable data increases the risk to the network. Devices attached to or inserted into the end point's plug-and-play ports and slots can be a vector for the insertion of malware when used to access the network. Storage devices are portable and can be easily concealed. Requiring approval prior to use these devices heightens awareness of the threat, limits the potential use of contaminated devices, and allows for proper tracking and control. Designated Approval Authority (DAA) approval of flash memory devices is required by the United States Cyber Command (USCYBERCOM) Communications Task Order (CTO) 10-004A Removable Flash Media Device Implementation within and between Department of Defense (DoD) Networks (U/FOUO) (or latest version of this CTO).
STIG Date
Network Security Requirements Guide 2011-12-28

Details

Check Text ( None )
None
Fix Text (None)
None