Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-243226 | WLAN-NW-001300 | SV-243226r720133_rule | Medium |
Description |
---|
Call-home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack. (See SRG-NET-000131-RTR-000083.) |
STIG | Date |
---|---|
Network WLAN AP-NIPR Platform Security Technical Implementation Guide | 2023-02-13 |
Check Text ( C-46501r720131_chk ) |
---|
Review the device configuration to determine if the call home service or feature is disabled on the device. If the call home service is enabled on the device, this is a finding. Note: This feature can be enabled if the communication is only to a server residing in the local area network or enclave. |
Fix Text (F-46458r720132_fix) |
---|
Configure the network device to disable the call home service or feature. Note: This feature can be enabled if the communication is only to a server residing in the local area network or enclave. |