The VMM must protect wireless access to the system using encryption.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-207437	SRG-OS-000299	SRG-OS-000299-VMM-001060	SV-207437r958676_rule	2024-12-06	2

Description
Allowing devices and users to connect to the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Since wireless communications can be intercepted, it is necessary to use encryption to protect the confidentiality of information in transit. Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication. This requirement applies to those VMMs that control wireless devices.

Description

Allowing devices and users to connect to the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Since wireless communications can be intercepted, it is necessary to use encryption to protect the confidentiality of information in transit. Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication. This requirement applies to those VMMs that control wireless devices.

ℹ️ Check
Verify the VMM protects wireless access to the system using encryption. If it does not, this is a finding.

✔️ Fix
Configure the VMM to protect wireless access to the system using encryption.