All wireless PDA clients used for remote access to DoD networks must have a VPN supporting CAC authentication. This check is not applicable if the installed VPN client is not used for remote access to DoD networks.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-19898	WIR-MOS-WP-034-03	SV-40032r1_rule	ECWN-1	Medium

Description
DoD data could be compromised if transmitted data is not secured with a compliant VPN.

STIG	Date
Windows Phone 6.5 (with Good Mobility Suite) Security Technical Implementation Guide	2011-10-04

Details

Check Text ( C-39048r1_chk )
This check is not applicable if the installed VPN client is not used for remote access to DoD networks. Interview the IAO and/or site wireless device administrator and inspect a sample (3-4) of site devices. Verify the VPN client supports CAC authentication to the DoD network (recommend asking the site wireless device administrator to demo this capability). Mark as a finding if CAC authentication is not supported.

Check Text ( C-39048r1_chk )

This check is not applicable if the installed VPN client is not used for remote access to DoD networks.
Interview the IAO and/or site wireless device administrator and inspect a sample (3-4) of site devices. Verify the VPN client supports CAC authentication to the DoD network (recommend asking the site wireless device administrator to demo this capability). Mark as a finding if CAC authentication is not supported.

Fix Text (F-20573r2_fix)
Comply with policy requirement.