Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-30255 | WIR0114 | SV-39891r1_rule | ECSC-1 ECWN-1 | Medium |
Description |
---|
The Wi-Fi Alliance WPA2-Enterprise certification means the WLAN equipment can support DoD requirements, most notably EAP-TLS and AES-CCMP. If the equipment has not been WPA-Enterprise certified, then the equipment may not have the required security functionality to protect DoD networks and information. |
STIG | Date |
---|---|
WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide | 2011-10-07 |
Check Text ( C-38911r1_chk ) |
---|
Check Procedures: Review the WLAN system product documentation (specification sheet, administration manual, etc.). Verify the system is WPA2-Enterprise certified. Mark as a finding if not WPA2-Enterprise certified. Note that WPA is the precursor certification to WPA2 and is not sufficient. |
Fix Text (F-34048r1_fix) |
---|
Procure WPA2-Enterprise certified WLAN equipment. |