UCF STIG Viewer Logo

WIDS sensor scan results must be saved for at least one year.


Finding ID Version Rule ID IA Controls Severity
V-19896 WIR0145-02 SV-22066r1_rule ECWN-1 Low
DoDD 8100.2 requires ALL DoD networks use a wireless IDS to scan for unauthorized wireless devices. If sites do not maintain scan logs, it cannot be determined if IDS findings are isolated and harmless events or a more sustained, methodical attack on the system.
WLAN IDS Sensor/Server Security Technical Implementation Guide (STIG) 2013-03-14


Check Text ( C-25505r1_chk )
Detailed policy requirements:

The results of WIDS scans (logs and scan results) shall be maintained by the site for at least one year.

Check procedures:

Interview the site IAO. Verify the site has saved its scan results for at least one year, viewing one of the older logs to validate the practice. Mark as a finding if the site is not saving the logs/results or is saving them for less than one year.
Fix Text (F-34073r1_fix)
IAO must ensure WIDS and operating procedures maintain WLAN scan results for at least one year.