If the WMAN system is a tactical system or a commercial system operated in a tactical environment, the site WMAN system DIACAP must include a Transmission Security (TRANSEC) vulnerability analysis.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-18600	WIR0305	SV-20149r1_rule		Low

Description
If the TRANSEC analysis has not been completed, the system may not be designed or configured correctly to mitigate exposure of DoD data or may be vulnerable to a wireless attack.

STIG	Date
WMAN Access Point Security Technical Implementation Guide (STIG)	2017-12-07

Details

Check Text ( C-22264r1_chk )
Detailed Policy Requirements: If the WMAN system is a tactical system or a commercial system operated in a tactical environment, then the site WMAN system DIACAP must include a Transmission Security (TRANSEC) vulnerability analysis, which includes a determination on whether the system has a low probability of explotation (LPE) for the WMAN signal in space and lists recommended risk mitigation actions. NOTE: The purpose of the TRANSEC vulnerability analysis is to determine the jamming and exploitation risk of a WMAN system based on the design of the system. The TRANSEC analysis should include the following components: - Verify radio communications are encrypted including the management, control, and data frames. - Determine denial of service risks to the network. - Check with NSA to determine if additional mitigation actions are available. NOTE: This check should only be reviewed during the initial system Certification and Accreditation (C&A). Check Procedures: Review the SSAA/SSP and other DIACAP documentation. If the WMAN system is a tactical system or a commercial system used in a tactical environment, verify a TRANSEC vulnerability analysis was performed on the WMAN system during the system DIACAP and includes the required components. Mark as a finding if documentation is missing the required analysis and components.

Check Text ( C-22264r1_chk )

Detailed Policy Requirements:

If the WMAN system is a tactical system or a commercial system operated in a tactical environment, then the site WMAN system DIACAP must include a Transmission Security (TRANSEC) vulnerability analysis, which includes a determination on whether the system has a low probability of explotation (LPE) for the WMAN signal in space and lists recommended risk mitigation actions.

NOTE: The purpose of the TRANSEC vulnerability analysis is to determine the jamming and exploitation risk of a WMAN system based on the design of the system. The TRANSEC analysis should include the following components:

- Verify radio communications are encrypted including the management, control, and data frames.
- Determine denial of service risks to the network.
- Check with NSA to determine if additional mitigation actions are available.

NOTE: This check should only be reviewed during the initial system Certification and Accreditation (C&A).

Check Procedures:
Review the SSAA/SSP and other DIACAP documentation. If the WMAN system is a tactical system or a commercial system used in a tactical environment, verify a TRANSEC vulnerability analysis was performed on the WMAN system during the system DIACAP and includes the required components. Mark as a finding if documentation is missing the required analysis and components.

Fix Text (F-34137r1_fix)
Commission a TRANSEC analysis for the WMAN system..