|Finding ID||Version||Rule ID||IA Controls||Severity|
|DoD data could be compromised if transmitted data is not secured with a compliant VPN.|
|PDA Security Technical Implementation Guide (STIG)||2014-03-18|
|Check Text ( C-25507r1_chk )|
| This check is not applicable if the installed VPN client is not used for remote access to DoD networks. |
Interview the IAO and/or site wireless device administrator and inspect a sample (3-4) of site devices. Review VPN client specification sheets. Verify the VPN client support AES encryption. Mark as a finding if AES is not supported. Also mark as a finding if no VPN capability is present.
|Fix Text (F-20573r6_fix)|
|Comply with requirement.|