UCF STIG Viewer Logo

WMAN Subscriber Security Technical Implementation Guide (STIG)


Overview

Date Finding Count (9)
2014-03-18 CAT I (High): 2 CAT II (Med): 7 CAT III (Low): 0
STIG Description
This STIG contains the technical security controls for the operation of a WMAN Subscriber in the DoD environment.

Available Profiles



Findings (MAC I - Mission Critial Classified)

Finding ID Severity Title
V-3512 High NSA Type1 products and required procedures must be used to protect classified data at rest (DAR) on wireless devices used on a classified WLAN or WMAN.
V-18604 High A WMAN system transmitting classified data must implement required data encryption controls.
V-14207 Medium WMAN systems must require strong authentication from the user or WMAN subscriber device to WMAN network.
V-18603 Medium Site WMAN systems that transmit unclassified data must implement required data encryption controls.
V-18602 Medium When a WMAN system is implemented, the network enclave must enforce strong authentication from user to DoD enclave (wired network). For “User to Enclave” authentication, the enclave must enforce network authentication requirements found in USCYBERCOM CTO 07-15Rev1 (or subsequent updates) (e.g. CAC authentication). Note: User authentication to the enclave must be a separate process from authentication to the WMAN system. If the WMAN vendor implements CAC authentication for the User or WMAN subscriber device to WMAN network, the user may only need to enter their PIN once to authenticate to both the WMAN system and the enclave.
V-19903 Medium Site WMAN systems must implement strong authentication from the user or WMAN subscriber device to WMAN network.
V-14202 Medium FIPS 140-2 validated encryption modules must be used to encrypt unclassified sensitive data at rest on the wireless device (e.g., laptop, PDA, smartphone).
V-19904 Medium Site WMAN systems must implement strong authentication from the user or WMAN subscriber device to WMAN network.
V-14002 Medium A device’s wired network interfaces (e.g., Ethernet) must be disconnected or otherwise disabled when wireless connections are in use.