The VMM must protect wireless access to the system using encryption.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-207437 | SRG-OS-000299-VMM-001060 | SV-207437r958676_rule | CCI-001444 | medium |
| Description | ||||
| Allowing devices and users to connect to the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Since wireless communications can be intercepted, it is necessary to use encryption to protect the confidentiality of information in transit. Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication. This requirement applies to those VMMs that control wireless devices. | ||||
| STIG | Date | |||
| Virtual Machine Manager Security Requirements Guide | 2024-12-06 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-18(1)
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.1.17
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001444
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-207437r958676_chk)
Verify the VMM protects wireless access to the system using encryption.
If it does not, this is a finding.
Fix Text (F-7694r365722_fix)
Configure the VMM to protect wireless access to the system using encryption.