|Finding ID||Version||Rule ID||IA Controls||Severity|
|The risk of a DoD mobile device being attacked via a rogue Wi-Fi access point is higher than for a rogue cellular access point. Therefore, the mobile device should be configured so it does not automatically connect to a Wi-Fi access point. The user should acknowledge and approve the connection to any Wi-Fi access point to minimize the risk of sensitive data on the device being exposed.|
|Apple iOS 5 Security Technical Implementation Guide (STIG)||2012-07-20|
|Check Text ( C-31417r4_chk )|
| On a sample of site-managed iOS devices (pick 3-4 random devices), have the user turn on and log into the device. |
-Go to Settings > Wi-Fi.
-Check the setting of "Ask to Join Networks".
Verify it is set to off (not selected).
Mark as a finding if not checked.
|Fix Text (F-27875r2_fix)|
| The iOS device Wi-Fi setting "Ask to Join Networks" must be set to "On" at all times. |