Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19896 | WIR0145-02 | SV-22066r1_rule | ECWN-1 | Low |
Description |
---|
DoDD 8100.2 requires that ALL DoD networks use a wireless IDS to scan for unauthorized wireless devices. If sites do not maintain scan logs, it cannot be determined whether IDS findings are isolated and harmless events or a more sustained, methodical attack on the system. |
STIG | Date |
---|---|
WLAN IDS Sensor/Server Security Technical Implementation Guide (STIG) | 2013-03-14 |
Check Text (C-25505r1_chk) |
---|
Detailed policy requirements: The results of WIDS scans (logs and scan results) shall be maintained by the site for at least one year. Check procedures: Interview the site IAO. Verify the site has saved its scan results for at least one year, viewing one of the older logs to validate the practice. Mark as a finding if the site is not saving the logs/results or is saving them for less than one year. |
Fix Text (F-34073r1_fix) |
---|
The IAO must ensure that the WIDS and operating procedures maintain WLAN scan results for at least one year. |