The operating system must protect wireless access to and from the system using encryption.

From General Purpose Operating System SRG

Associated with: CCI-001444

SV-71477r1_rule The operating system must protect wireless access to and from the system using encryption.

Vulnerability discussion

Allowing devices and users to connect to or from the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Since wireless communications can be intercepted, it is necessary to use encryption to protect the confidentiality of information in transit.Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication.This requirement applies to those operating systems that control wireless devices.

Check content

Verify the operating system protects wireless access to and from the system using encryption. If it does not, this is a finding.

Fix text

Configure the operating system to protect wireless access to and from the system using encryption.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.