STIGQter: STIG Summary: WLAN Controller Security Technical Implementation Guide (STIG) Version: 6 Release: 15 Benchmark Date: 26 Apr 2019:

The WLAN inactive session timeout must be set for 30 minutes or less.

DISA Rule

SV-15656r1_rule

Vulnerability Number

V-14888

Group Title

WLAN session timeout set to 30 minutes or less

Rule Version

WIR0110

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Set the WLAN inactive session timeout to 30 minutes or less.

Check Contents

1. Review the relevant configuration screen of the WLAN controller or access point.
2. Verify the session timeout setting is set for 30 minutes or less.
4. Mark as a finding if any of the following are found.
- Session timeout is not set to 30 minutes or less for the entire WLAN.
- The WLAN does not have the capability to enable the session time-out feature.

Vulnerability Number

V-14888

Documentable

False

Rule Version

WIR0110

Severity Override Guidance

1. Review the relevant configuration screen of the WLAN controller or access point.
2. Verify the session timeout setting is set for 30 minutes or less.
4. Mark as a finding if any of the following are found.
- Session timeout is not set to 30 minutes or less for the entire WLAN.
- The WLAN does not have the capability to enable the session time-out feature.

Check Content Reference

M

Responsibility

System Administrator

Target Key

1538

Comments