The Incident Response Plan (IRP) and/or SOP must have the required procedures for reporting the results of WMAN intrusion scans.

From Mobile Policy Security Requirements Guide

Associated with: CCI-001439

SV-47257r1_rule The Incident Response Plan (IRP) and/or SOP must have the required procedures for reporting the results of WMAN intrusion scans.

Vulnerability discussion

If scan results are not properly reported and acted on, the site could be vulnerable to wireless attack. This requirement originated in DTM 08-039, "Commercial Wireless Metropolitan Area Network (WMAN) Systems and Technology."

Check content

Review the site Incident Response Plan (IRP) or Standard Operating Procedure (SOP) to determine if it includes procedures for reporting unauthorized access, intrusion, jamming, or electromagnetic interference identified during active electromagnetic scanning for wireless systems that connect directly to DoD networks. If the IRP or SOP does not address these requirements, this is a finding.

Fix text

Update the IRP and/or SOP to have the required procedures for reporting the results of WMAN intrusion scans.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.