UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

If the WMAN system is a tactical system or a commercial system operated in a tactical environment, the site WMAN system DIACAP must include a Transmission Security (TRANSEC) vulnerability analysis.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18600 WIR0305 SV-20149r1_rule Low
Description
If the TRANSEC analysis has not been completed, the system may not be designed or configured correctly to mitigate exposure of DoD data or may be vulnerable to a wireless attack.
STIG Date
WMAN Access Point Security Technical Implementation Guide (STIG) 2017-12-07

Details

Check Text ( C-22264r1_chk )
Detailed Policy Requirements:

If the WMAN system is a tactical system or a commercial system operated in a tactical environment, then the site WMAN system DIACAP must include a Transmission Security (TRANSEC) vulnerability analysis, which includes a determination on whether the system has a low probability of explotation (LPE) for the WMAN signal in space and lists recommended risk mitigation actions.

NOTE: The purpose of the TRANSEC vulnerability analysis is to determine the jamming and exploitation risk of a WMAN system based on the design of the system. The TRANSEC analysis should include the following components:

- Verify radio communications are encrypted including the management, control, and data frames.
- Determine denial of service risks to the network.
- Check with NSA to determine if additional mitigation actions are available.

NOTE: This check should only be reviewed during the initial system Certification and Accreditation (C&A).

Check Procedures:
Review the SSAA/SSP and other DIACAP documentation. If the WMAN system is a tactical system or a commercial system used in a tactical environment, verify a TRANSEC vulnerability analysis was performed on the WMAN system during the system DIACAP and includes the required components. Mark as a finding if documentation is missing the required analysis and components.
Fix Text (F-34137r1_fix)
Commission a TRANSEC analysis for the WMAN system..