Detections
Analytics

800-53|AC-18(3)

Title

DISABLE WIRELESS NETWORKING

Description

The organization disables, when not intended for use, wireless networking capabilities internally embedded within information system components prior to issuance and deployment.

Reference Item Details

Related: AC-19

Category: ACCESS CONTROL

Parent Title: WIRELESS ACCESS

Family: ACCESS CONTROL

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2 Ensure intra-zone traffic is not always allowedFortiGateCIS Fortigate 7.0.x v1.3.0 L1
1.2.1 Ensure 'Domain Name' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device managementPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device managementPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device managementPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.2.2 Ensure 'Host Name' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabledPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPSPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPSPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMPPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMPPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSHPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSHPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.2.3 Ensure 'Failover' is enabledCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.2.3 Ensure HTTP and Telnet options are disabled for the management interfacePalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.2.3 Ensure HTTP and Telnet options are disabled for the management interfacePalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.2.3 Ensure HTTP and Telnet options are disabled for the management interfacePalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
1.2.4 Ensure 'Unused Interfaces' is disableCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.2.4 Ensure HTTP and Telnet options are disabled for all management profilesPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles - HTTPPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles - HTTPPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles - TelnetPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles - TelnetPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.2.5 Ensure valid certificate is set for browser-based administrator interfacePalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L2
1.2.5 Ensure valid certificate is set for browser-based administrator interfacePalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L2
1.2.5 Ensure valid certificate is set for browser-based administrator interface - Authentication ProfilePalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L2
1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificate ProfilesPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L2
1.2.5 Ensure valid certificate is set for browser-based administrator interface - CertificatesPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L2
1.3 Disable all management related services on WAN portFortiGateCIS Fortigate 7.0.x v1.3.0 L1
1.3.1 Pre-authentication BannerCiscoCIS Cisco NX-OS L1 v1.1.0
1.3.2 Ensure 'Image Authenticity' is correctCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.3.2 Post-authentication BannerCiscoCIS Cisco NX-OS L1 v1.1.0
1.3.10 Ensure 'Password Profiles' do not existPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configuredPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Failed AttemptsPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Failed AttemptsPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Lockout TimePalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Lockout TimePalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L2 v1.1.0
1.4.3.1 Ensure 'aaa authentication enable console' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.3.2 Ensure 'aaa authentication http console' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.3.4 Ensure 'aaa authentication ssh console' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.4.1 Ensure 'aaa command authorization' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.4.2 Ensure 'aaa authorization exec' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.5.1 Ensure 'aaa accounting command' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.5.2 Ensure 'aaa accounting for SSH' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.5.3 Ensure 'aaa accounting for EXEC mode' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.7.1 Pre-authentication BannerCiscoCIS Cisco IOS XR 7.x v1.0.0 L1
1.7.2 Post-authentication BannerCiscoCIS Cisco IOS XR 7.x v1.0.0 L1