UCF STIG Viewer Logo

WLAN Client Security Technical Implementation Guide (STIG)


Date Finding Count (9)
2014-08-26 CAT I (High): 1 CAT II (Med): 7 CAT III (Low): 1
STIG Description
This STIG contains the technical security controls for the operation of a WLAN client in the DoD environment.

Available Profiles

Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-3512 High NSA Type1 products and required procedures must be used to protect classified data at rest (DAR) on wireless devices used on a classified WLAN or WMAN.
V-3503 Medium WLAN-capable devices must not use wireless peer-to-peer networks to connect to other devices.
V-3692 Medium WLAN must use EAP-TLS.
V-14202 Medium FIPS 140-2 validated encryption modules must be used to encrypt unclassified sensitive data at rest on the wireless device (e.g., laptop, PDA, smartphone).
V-3515 Medium The WLAN must use AES-CCMP to protect data-in-transit.
V-30257 Medium WLAN EAP-TLS implementation must use certificate-based PKI authentication to connect to DoD networks.
V-14002 Medium A device’s wired network interfaces (e.g., Ethernet) must be disconnected or otherwise disabled when wireless connections are in use.
V-4632 Medium Laptops with WLAN interfaces must have the WLAN card radio set to OFF as the default setting.
V-7072 Low WLAN clients must not be configured to connect to other WLAN devices without the user initiating a request to establish such a connection.