Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19894 | WIR0125-02 | SV-22064r2_rule | ECCT-1 ECSC-1 ECWN-1 | Medium |
Description |
---|
Most known security breaches of cryptography result from improper implementation of the cryptography, not flaws in the cryptographic algorithms themselves. FIPS 140-2 validation provides assurance that cryptography is implemented correctly, and is required for Federal Government uses of cryptography in non-classified applications. |
STIG | Date |
---|---|
WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide (STIG) | 2013-03-14 |
Check Text ( C-25502r1_chk ) |
---|
Check Procedures: Review the WLAN system product documentation (specification sheet, administration manual, etc.), which should include the FIPS 140-2 certificate for the WLAN system. Verify the certificate specifically covers the implementation of AES-CCMP. If there are any concerns about the currency or veracity of the certificate in the product documentation, the reviewer should check the NIST Internet web site (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm) and find the certificate. |
Fix Text (F-34065r1_fix) |
---|
Procure WLAN equipment whose implementation of AES-CCMP has been FIPS 140-2 validated. |