UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

WLAN components must be FIPS 140-2 certified.


Overview

Finding ID Version Rule ID IA Controls Severity
V-92237 WIR0115-3 SV-102339r1_rule Medium
Description
If the DoD WLAN components (WLAN AP, controller, or client) are not NIST FIPS 140-2 (Cryptographic Module Validation Program – CMVP) certified, the WLAN system may not adequately protect sensitive unclassified DoD data from compromise during transmission.
STIG Date
WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide (STIG) 2019-02-26

Details

Check Text ( C-91401r1_chk )
Review the WLAN equipment specification and verify it is FIPS 140-2 (CMVP) certified for data in transit, including authentication credentials.

If the WLAN equipment is not is FIPS 140-2 (CMVP) certified, this is a finding.
Fix Text (F-98445r1_fix)
Use WLAN equipment that is FIPS 140-2 (CMVP) certified.