Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-243215 | WLAN-NW-001300 | SV-243215r720100_rule | Medium |
Description |
---|
Call-home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack. (See SRG-NET-000131-RTR-000083.) |
STIG | Date |
---|---|
Network WLAN AP-IG Platform Security Technical Implementation Guide | 2022-02-03 |
Check Text ( C-46490r720098_chk ) |
---|
Review the device configuration to determine if the call home service or feature is disabled on the device. If the call home service is enabled on the device, this is a finding. Note: This feature can be enabled if the communication is only to a server residing in the local area network or enclave. |
Fix Text (F-46447r720099_fix) |
---|
Configure the network device to disable the call home service or feature. Note: This feature can be enabled if the communication is only to a server residing in the local area network or enclave. |