UCF STIG Viewer Logo

All wireless PDA clients used for remote access to DoD networks must have a VPN capability that supports AES encryption.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19897 WIR-MOS-PDA-034-02 SV-31705r1_rule ECWN-1 Medium
Description
DoD data could be compromised if transmitted data is not secured with a compliant VPN.
STIG Date
PDA Security Technical Implementation Guide (STIG) 2014-03-18

Details

Check Text ( C-25507r1_chk )
This check is not applicable if the installed VPN client is not used for remote access to DoD networks.
Interview the IAO and/or site wireless device administrator and inspect a sample (3-4) of site devices. Review VPN client specification sheets. Verify the VPN client support AES encryption. Mark as a finding if AES is not supported. Also mark as a finding if no VPN capability is present.
Fix Text (F-20573r6_fix)
Comply with requirement.