UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

WLAN components must be FIPS 140-2 or FIPS 140-3 certified.


Overview

Finding ID Version Rule ID IA Controls Severity
V-243210 WLAN-NW-000600 SV-243210r720085_rule Medium
Description
If the DoD WLAN components (WLAN AP, controller, or client) are not NIST FIPS 140-2/FIPS 140-3 (Cryptographic Module Validation Program, CMVP) certified, the WLAN system may not adequately protect sensitive unclassified DoD data from compromise during transmission.
STIG Date
Network WLAN AP-IG Platform Security Technical Implementation Guide 2022-02-03

Details

Check Text ( C-46485r720083_chk )
Review the WLAN equipment specification and verify it is FIPS 140-2/3 (CMVP) certified for data in transit, including authentication credentials.

If the WLAN equipment is not is FIPS 140-2/3 (CMVP) certified, this is a finding.
Fix Text (F-46442r720084_fix)
Use WLAN equipment that is FIPS 140-2/3 (CMVP) certified.