STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021:

The Red Hat Enterprise Linux operating system must be configured so that all wireless network adapters are disabled.

DISA Rule

SV-204634r603261_rule

Vulnerability Number

V-204634

Group Title

SRG-OS-000424-GPOS-00188

Rule Version

RHEL-07-041010

Severity

CAT II

CCI(s)

• CCI-001443 - The information system protects wireless access to the system using authentication of users and/or devices.
• CCI-001444 - The information system protects wireless access to the system using encryption.
• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.

Weight

10

Fix Recommendation

Configure the system to disable all wireless network interfaces with the following command:

#nmcli radio wifi off

Check Contents

Verify that there are no wireless interfaces configured on the system.

This is N/A for systems that do not have wireless network adapters.

Check for the presence of active wireless interfaces with the following command:

# nmcli device
DEVICE TYPE STATE
eth0 ethernet connected
wlp3s0 wifi disconnected
lo loopback unmanaged

If a wireless interface is configured and its use on the system is not documented with the Information System Security Officer (ISSO), this is a finding.

Vulnerability Number

V-204634

Documentable

False

Rule Version

RHEL-07-041010

Severity Override Guidance

Verify that there are no wireless interfaces configured on the system.

This is N/A for systems that do not have wireless network adapters.

Check for the presence of active wireless interfaces with the following command:

# nmcli device
DEVICE TYPE STATE
eth0 ethernet connected
wlp3s0 wifi disconnected
lo loopback unmanaged

If a wireless interface is configured and its use on the system is not documented with the Information System Security Officer (ISSO), this is a finding.

Check Content Reference

M

Target Key

2899

Comments