Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system administrator will ensure in-band management access to the device is secured using FIPS 140-2 approved encryption or hash algorithms such as AES, 3DES, SSH, or TLS / SSL.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3069 | NET1638 | SV-3069r7_rule | ECSC-1 | Medium |
| Description |
|---|
| Remote administration using non-FIPS 140-2 compliant encryption is inherently dangerous because anyone with a sniffer and access to the right LAN segment can acquire the device's account and password information. With this intercepted information they could gain access to the device and cause denial of service attacks, intercept sensitive information, or perform other destructive actions. |
| STIG | Date |
|---|---|
| WLAN Bridge Security Technical Implementation Guide | 2011-10-10 |
Details
| Check Text ( C-3532r2_chk ) |
|---|
| Base Procedure: Review the Inband management interfaces and determine if the access to the device is encrypted as required. |
| Fix Text (F-3094r4_fix) |
|---|
| The SA will ensure access to network devices comply with approved FIPS 140-2. |