SC-40: Wireless Link Protection

CSF v1.1 References:

Threats Addressed:

Baselines:

  • Low

    N/A

  • Moderate

    N/A

  • High

    N/A

Next Version:

Control Statement

The information system protects external and internal [Assignment: organization-defined wireless links] from [Assignment: organization-defined types of signal parameter attacks or references to sources for such attacks].

Supplemental Guidance

This control applies to internal and external wireless communication links that may be visible to individuals who are not authorized information system users. Adversaries can exploit the signal parameters of wireless links if such links are not adequately protected. There are many ways to exploit the signal parameters of wireless links to gain intelligence, deny service, or to spoof users of organizational information systems. This control reduces the impact of attacks that are unique to wireless systems. If organizations rely on commercial service providers for transmission services as commodity items rather than as fully dedicated services, it may not be possible to implement this control.

Control Enhancements

SC-40(1): Electromagnetic Interference

Baseline(s):

(Not part of any baseline)

The information system implements cryptographic mechanisms that achieve [Assignment: organization-defined level of protection] against the effects of intentional electromagnetic interference.

SC-40(2): Reduce Detection Potential

Baseline(s):

(Not part of any baseline)

The information system implements cryptographic mechanisms to reduce the detection potential of wireless links to [Assignment: organization-defined level of reduction].

SC-40(3): Imitative Or Manipulative Communications Deception

Baseline(s):

(Not part of any baseline)

The information system implements cryptographic mechanisms to identify and reject wireless transmissions that are deliberate attempts to achieve imitative or manipulative communications deception based on signal parameters.

SC-40(4): Signal Parameter Identification

Baseline(s):

(Not part of any baseline)

The information system implements cryptographic mechanisms to prevent the identification of [Assignment: organization-defined wireless transmitters] by using the transmitter signal parameters.