UCF STIG Viewer Logo

All wireless PDA clients used for remote access to a DoD network must have a VPN capability that supports CAC authentication.


Finding ID Version Rule ID IA Controls Severity
V-19898 WIR-MOS-PDA-034-03 SV-31706r1_rule ECWN-1 Medium
If an adversary can bypass a VPN’s authentication controls, then the adversary can compromise DoD data transmitted over the VPN and conduct further attacks on DoD networks. CAC authentication greatly mitigates this risk by providing strong two-factor authentication.
PDA Security Technical Implementation Guide (STIG) 2014-03-18


Check Text ( C-25512r1_chk )
Interview the IAO and/or site wireless device administrator and inspect a sample (3-4) of site devices.

Verify the VPN client supports CAC authentication to the DoD network (recommend asking the site wireless device administrator to demo this capability).

Mark as a finding if CAC authentication is not supported.
Fix Text (F-20573r6_fix)
Comply with requirement.