Back

Use Wireless Local Area Network Network Interface Cards that turn off or disable Peer-To-Peer Wireless Local Area Network communications.


CONTROL ID
04594
CONTROL TYPE
Testing
CLASSIFICATION
Detective

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure Wireless Access Points in accordance with organizational standards., CC ID: 12477

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Banks should disable peer-to-peer wireless network capabilities on wireless clients, unless such functionality meets a documented business need. (Critical components of information security 28) xiii., Guidelines on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds)
  • The organization should only use wireless NICs where peer-to-peer networking capabilities can be disabled, because peer-to-peer networks bypasses all network-based security. (§ 2.3.2 (2.3.2.060), The Center for Internet Security Wireless Networking Benchmark, 1)
  • Disable peer-to-peer wireless network capabilities on wireless clients. (Control 15.7, The CIS Critical Security Controls for Effective Cyber Defense, Version 6.0)
  • The organization should disable Peer-To-Peer wireless network capabilities, unless it is required for a documented business need. (Critical Control 7.12, Twenty Critical Security Controls for Effective Cyber Defense: Consensus Audit Guidelines, Version 4.0)
  • Disable peer-to-peer (ad hoc) wireless network capabilities on wireless clients. (CIS Control 15: Sub-Control 15.6 Disable Peer-to-Peer Wireless Network Capabilities on Wireless Clients, CIS Controls, 7.1)
  • Disable peer-to-peer (ad hoc) wireless network capabilities on wireless clients. (CIS Control 15: Sub-Control 15.6 Disable Peer-to-Peer Wireless Network Capabilities on Wireless Clients, CIS Controls, V7)
  • WLAN Network Interface Cards (NICs) that cannot turn off or disable peer-to-peer WLAN communications should not be used. Examine the device configuration for each NIC model to verify that peer-to-peer communications can be disabled. (The configuration setting is labeled "Infrastructure mode only" o… (§ 3.2 (WIR0130), DISA WIRELESS SECURITY CHECKLIST, Version 5, Release 2.2, Version 5, Release 2.2)
  • Ensure that the ad hoc mode has been disabled. (§ 5.13.1.1 ¶ 1 11., Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.9.1, Version 5.9.1)
  • Mobile devices should disable the ad hoc mode (peer-to-peer), unless a business requirement exists. (Table 8-4 Item 46, Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i, NIST SP 800-97, February 2007)
  • Client devices should disable the ad hoc mode, if possible. (§ 6.3.4 (Ad hoc mode), Guide to Securing Legacy IEEE 802.11 Wireless Networks, NIST SP 800-48, Revision 1)