UCF STIG Viewer Logo

Site WMAN systems that transmit unclassified data must implement required data encryption controls.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18603 WIR0325 SV-20154r1_rule Medium
Description
Sensitive DoD data could be exposed to a hacker.
STIG Date
WMAN Bridge Security Technical Implementation Guide (STIG) 2017-12-07

Details

Check Text ( C-22270r1_chk )
Detailed policy requirements:

Site WMAN systems that transmit unclassified data must implement the following data encryption controls:

- For tactical WMAN systems or commercial WMAN systems operated in a tactical environment:
--The WMAN system must implement FIPS 140-2 validated encryption to protect the ISO OSI Layer 2 radio data frames. The WMAN system must be configured for AES-CCM encryption, if supported by the WMAN system.
--The WMAN system must implement FIPS 140-2 validated encryption to protect the ISO OSI Layer 3 data being transmitted.

- For tactical WMAN systems or commercial WMAN systems operated in a non-tactical environment and for WMAN bridges:
--The WMAN system must implement FIPS 140-2 validated encryption at ISO OSI Layer 2 or 3.

Check Procedures:

Verify with the IAO that site WMAN systems transmitting unclassified data implement the following data encryption controls:

For tactical WMAN systems or commercial WMAN systems operated in a tactical environment:
- The WMAN system must implement FIPS 140-2 validated encryption to protect the ISO OSI Layer 2 radio data frames. The WMAN system will be configured for AES-CCM encryption, if supported by the WMAN system.
- The WMAN system must implement FIPS 140-2 validated encryption to protect the ISO OSI Layer 3 data being transmitted.

For tactical WMAN systems or commercial WMAN systems operated in a non-tactical environment:
- The WMAN system must implement FIPS 140-2 validated encryption at ISO OSI Layer 2 or 3.

Mark as a finding if these requirements are not met.
Fix Text (F-14436r1_fix)
Comply with policy.