Select any two versions of this STIG to compare the individual requirements
Select any old version/release of this STIG to view the previous requirements
Detailed Policy Requirements: If a wireless keyboard or mouse is used with any site workstations, the following requirements must be followed: - If WLAN is used for the wireless connection, assign “WLAN Client” asset posture in VMS to the workstation (or PDA) asset and complete WLAN checks assigned to the workstation (or PDA). - If Bluetooth or some other wireless technology is used for the wireless connection, assign “Bluetooth” asset posture in VMS to the workstation (or PDA) asset and complete Bluetooth checks assigned to the workstation(or PDA). Check Procedures: Verify the appropriate VMS wireless posture has been assigned to the workstation asset and the appropriate checks have been completed. Mark as a finding if the requirements are not met. NOTE: Currently, no wireless keyboards or mice meet these requirements. If the wireless mouse/keyboard is using a proprietary RF protocol (i.e., not Bluetooth or 802.11), then apply the Bluetooth checks.
Comply with requirement.
Detailed Policy Requirements: If infrared wireless mice and keyboards are used on classified or unclassified equipment and networks, the following conditions must be followed: - The DAA, in consultation with the CTTA, has approved IR wireless mice and/or keyboards for use in the facility. (The CTTA should evaluate the TEMPEST risks of the system.) - When wireless mice and/or keyboards are used on classified equipment, the area is approved for processing classified information at the appropriate level. - The area is totally enclosed with walls, ceiling, and floor consisting of material opaque to IR. There are no windows unless each window is covered with a film approved for blocking IR. All doors will remain closed when the devices are in operation. - There is no mixing of classified and unclassified equipment using IR within the same enclosed area. - When IR is used with classified equipment in the same enclosed area as unclassified equipment with IR ports, the IR ports on the unclassified equipment is completely covered with metallic tape. - When IR is used with unclassified equipment in the same enclosed area as classified equipment with IR ports, the IR ports on the classified equipment is completely covered with metallic tape. Check Procedures: Review documentation. 1. Verify the IR device is DAA approved and in compliance with CTTA separation requirements. 2. Visually and electronically survey the area to test if emanations from the IR device is transmitting beyond the allowed area as per CTTA (or ask for documentation showing that this testing has be done). 3. Verify the policy requirements listed in the policy above are in place and users are trained on the requirements by interviewing the SM or IAO. Mark as a finding if any of these requirements are not met.
Comply with requirement.