The organization must monitor for unauthorized wireless connections to the information system at an organization defined time period.

From Mobile Policy Security Requirements Guide

Associated with: CCI-001445

SV-47235r1_rule The organization must monitor for unauthorized wireless connections to the information system at an organization defined time period.

Vulnerability discussion

DoD networks are at risk, and DoD data could be compromised if wireless scanning is not conducted to identify unauthorized WLAN clients and access points connected to, or attempting to, connect to the network. DoD components will ensure a Wireless Intrusion detection System (WIDS) is implemented that allows for monitoring of WLAN activity and the detection of WLAN-related policy violations on all unclassified and classified DoD wired and wireless LANs. The WIDS shall be capable of monitoring Wi-Fi transmissions within all DoD LAN environments and detecting nearby unauthorized WLAN devices. WIDS are not required to monitor non-Wi-Fi transmissions.

Check content

Review the site's network monitoring and scanning procedures. Determine if monitoring of the WIDS is being conducted at an organized defined time period. If WIDS monitoring is not being performed at an organization defined time period, this is a finding.

Fix text

Monitor for unauthorized wireless connections to the information system at an organization defined time period.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.