800-53|AC-18(4)

Title

RESTRICT CONFIGURATIONS BY USERS

Description

The organization identifies and explicitly authorizes users allowed to independently configure wireless networking capabilities.

Supplemental

Organizational authorizations to allow selected users to configure wireless networking capability are enforced in part, by the access enforcement mechanisms employed within organizational information systems.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: AC-3,SC-15

Category: ACCESS CONTROL

Parent Title: WIRELESS ACCESS

Family: ACCESS CONTROL

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS CentOS 6 Server L1 v3.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Debian Family Workstation L2 v1.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Fedora 19 Family Linux Server L1 v1.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Oracle Linux 6 Workstation L2 v2.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS CentOS 6 Workstation L2 v3.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Oracle Linux 6 Server L1 v2.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Debian Family Server L1 v1.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0
3.1.2 Ensure wireless interfaces are disabled	Unix	CIS Fedora 19 Family Linux Workstation L2 v1.0.0
3.1.2 Ensure wireless interfaces are disabled - interfaces	Unix	CIS SUSE Linux Enterprise Workstation 12 L1 v3.1.0
3.1.2 Ensure wireless interfaces are disabled - iw list	Unix	CIS SUSE Linux Enterprise Workstation 12 L1 v3.1.0
3.6 Ensure wireless interfaces are disabled	Unix	CIS Distribution Independent Linux Workstation L2 v2.0.0
3.6 Ensure wireless interfaces are disabled	Unix	CIS Distribution Independent Linux Server L1 v2.0.0
3.7 Ensure wireless interfaces are disabled	Unix	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableFlashConfigRegistrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableFlashConfigRegistrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableInBand802DOT11Registrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableInBand802DOT11Registrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableUPnPRegistrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableUPnPRegistrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableWPDRegistrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableWPDRegistrar	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - EnableRegistrars	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - EnableRegistrars	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.5.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.5.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections' - Enabled: 3 = Prevent Wi-Fi when on Ethernet	Windows	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS
18.5.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections' - Enabled: 3 = Prevent Wi-Fi when on Ethernet	Windows	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC
18.5.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
18.5.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
18.5.21.2 (L1) Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.6.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows 11 Enterprise v2.0.0 L1
18.6.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1
18.6.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
18.6.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
18.6.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG
18.6.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL + NG
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1 + NG
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL + NG
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1 + NG
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL
18.6.21.2 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L1
Big Sur - Disable Bluetooth Sharing	Unix	NIST macOS Big Sur v1.4.0 - 800-171

Detections

Analytics