DoD network users authorized to remotely connect to a DoD network from a residential WLAN must configure the access point with a strong pre-shared key (PSK) passcode.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-30358 | WIR0931 | SV-40013r1_rule | ECWN-1 | Medium |
| Description |
|---|
| If the passcode is weak, then an adversary is more likely to crack it. Once an adversary obtains the passcode, the adversary can use the passcode access to gain access to WLAN and potentially other networks to which it is attached. |
| STIG | Date |
|---|---|
| PDA/Smartphone Security Technical Implementation Guide | 2011-10-07 |
Details
| Check Text ( C-39023r1_chk ) |
|---|
| Interview the IAO to determine that the site is providing guidance to users on the selection of an appropriate passcode. Mark as a finding if no such guidance is provided or if the guidance provided does not adequately cover the passcode requirements. |
| Fix Text (F-34113r1_fix) |
|---|
| Provide users with appropriate guidance on using strong passcodes to generate the WLAN PSK. |