From Mobile Policy Security Requirements Guide
Part of SRG-MPOL-004
Associated with: CCI-001455
If a TRANSEC vulnerability analysis has not been completed, the system may not be designed or configured correctly to mitigate exposure of DoD data, or may be vulnerable to a wireless attack. The purpose of the analysis is to determine the jamming and exploitation risk of a WMAN system based on the design of the system
Review the accreditation documentation to determine if the WMAN system is a tactical system or a commercial system used in a tactical environment. If the WMAN system is not a tactical system or a commercial system operated in a tactical environment, this requirement is NA. Verify a TRANSEC vulnerability analysis was performed on the WMAN system during the system C&A review. The documentation must include the required components. Verification that radio communications are encrypted, including the management, control and data frames, determination of denial of service risks to the network, and probability of LPE for the WMAN signal. If documentation is missing the required analysis and components, this is a finding. Note: Check with NSA to determine if additional mitigation actions are available.
Include a TRANSEC vulnerability analysis in the WMAN system accreditation if the WMAN system operates in a tactical environment.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer