UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

If the WMAN system is a tactical system or a commercial system operated in a tactical environment, the site WMAN system DIACAP must include a Transmission Security (TRANSEC) vulnerability analysis.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18600 WIR0305 SV-20149r1_rule ECWN-1 Low
Description
If the TRANSEC analysis has not been completed, the system may not be designed or configured correctly to mitigate exposure of DoD data or may be vulnerable to a wireless attack.
STIG Date
WMAN Access Point Security Technical Implementation Guide (STIG) 2016-01-04

Details

Check Text ( C-22264r1_chk )
Detailed Policy Requirements:

If the WMAN system is a tactical system or a commercial system operated in a tactical environment, then the site WMAN system DIACAP must include a Transmission Security (TRANSEC) vulnerability analysis, which includes a determination on whether the system has a low probability of explotation (LPE) for the WMAN signal in space and lists recommended risk mitigation actions.

NOTE: The purpose of the TRANSEC vulnerability analysis is to determine the jamming and exploitation risk of a WMAN system based on the design of the system. The TRANSEC analysis should include the following components:

- Verify radio communications are encrypted including the management, control, and data frames.
- Determine denial of service risks to the network.
- Check with NSA to determine if additional mitigation actions are available.

NOTE: This check should only be reviewed during the initial system Certification and Accreditation (C&A).

Check Procedures:
Review the SSAA/SSP and other DIACAP documentation. If the WMAN system is a tactical system or a commercial system used in a tactical environment, verify a TRANSEC vulnerability analysis was performed on the WMAN system during the system DIACAP and includes the required components. Mark as a finding if documentation is missing the required analysis and components.
Fix Text (F-34137r1_fix)
Commission a TRANSEC analysis for the WMAN system..