A site must use a WMAN system in compliance with Committee on National Security Systems Policy (CNSSP) 300: the Department or Agency Certified TEMPEST Technical Authority (CTTA) has evaluated the system to determine its TEMPEST vulnerability and provided this information to the DAA.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18617 | WIR0345 | SV-20174r1_rule | Low |
| Description |
|---|
| Sensitive or classified information could be compromised via a TEMPEST vulnerability. |
| STIG | Date |
|---|---|
| WMAN Access Point Security Technical Implementation Guide (STIG) | 2017-12-07 |
Details
| Check Text ( C-22298r1_chk ) |
|---|
| NOTE: This check should only be reviewed during the initial system Certification and Accreditation (C&A). Interview the IAO and review the site SSAA/SSP or DIACAP documentation to verify the Department or Agency CTTA has completed the required evaluation. Mark as a finding if the required evaluation has not been completed. |
| Fix Text (F-14436r1_fix) |
|---|
| Comply with policy. |