Free DISA STIG and SRG Library | Vaulted

V-57219

The operating system must protect wireless access to the system using authentication of users and/or devices.

Finding ID
SRG-OS-000300-GPOS-00118
Rule ID
SV-71479r1_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-OS-000300-GPOS-00118
CCI
CCI-001443
Target Key
(None)
Documentable
No
Discussion

Allowing devices and users to connect to the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication. This requirement applies to those operating systems that control wireless devices.

Fix Text

Configure the operating system to protect wireless access to the system using authentication of users and/or devices.

Check Content

Verify the operating system protects wireless access to the system using authentication of users and/or devices. If it does not, this is a finding.