STIGQter: STIG Summary: WLAN Access Point (Internet Gateway Only Connection) Security Technical Implementation Guide (STIG) Version: 6 Release: 14 Benchmark Date: 27 Apr 2018:

WLAN access point must be configured for Wi-Fi Alliance WPA2 security.

DISA Rule

SV-31426r1_rule

Vulnerability Number

V-25315

Group Title

WLAN Access Point WPA2 configuration

Rule Version

WIR0121

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the access point for WPA2 authentication, confidentiality, and integrity services. In the case of WPA2 (Personal), this action will require the selection of a strong passcode or passphrase. In the case of WPA2 (Enterprise), this action will require the organization to deploy RADIUS or equivalent authentication services on a separate server. In cases in which the access point does not support WPA2, the organization will need to procure new equipment.

Check Contents

Verify the access point is configured for either WPA2 (Enterprise) or WPA2 (Personal) authentication. The procedure for performing this review will vary depending on the AP model. Have the SA show the configuration setting.

Vulnerability Number

V-25315

Documentable

False

Rule Version

WIR0121

Severity Override Guidance

Verify the access point is configured for either WPA2 (Enterprise) or WPA2 (Personal) authentication. The procedure for performing this review will vary depending on the AP model. Have the SA show the configuration setting.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

545

Comments