Back

Verify wired network interface cards and Wireless Network Interface Cards are not simultaneously active for network devices other than a Wireless Access Point.


CONTROL ID
04596
CONTROL TYPE
Testing
CLASSIFICATION
Detective

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure Wireless Access Points in accordance with organizational standards., CC ID: 12477

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Network devices must be prevented from connecting to an organizationally controlled network and a non-organizationally controlled network at the same time. (Control: 1345, Australian Government Information Security Manual: Controls)
  • NICs and modems must be configured to be mutually exclusive on all remote access devices. (§ 5, DISA Secure Remote Computing Security Technical Implementation Guide, Version 1 Release 2)
  • When wireless network connections are being used, computer and portable electronic device (PED) wired network interfaces (e.g., Ethernet) should be disconnected or disabled. Examine the client devices to verify that a procedure exists, for example, configuration settings, to disable the wireless NIC… (§ 3.2 (WIR0161), DISA WIRELESS SECURITY CHECKLIST, Version 5, Release 2.2, Version 5, Release 2.2)
  • Client devices should be configured to not automatically connect to WLANs or connect to more than one network interface simultaneously. (§ 6.3.4 (IEEE 802.11 radio management), Guide to Securing Legacy IEEE 802.11 Wireless Networks, NIST SP 800-48, Revision 1)