CMMC 2.0 • LEVEL 2 • ACCESS CONTROL

AC.L2-3.1.16Wireless Access

Establish usage restrictions, configuration requirements, and connection requirements for each type of wireless access to the system. Authorize each type of wireless access to the system prior to establishing such connections. Disable, when not intended for use, wireless networking capabilities prior to issuance and deployment. Protect wireless access to the system using authentication and encryption.

NIST 800-171 Mapping

NIST 800-53 Controls

AC-18(1)

Assessment Objectives

  • each type of wireless access to the system is defined.
  • usage restrictions are established for each type of wireless access to the system.
  • configuration requirements are established for each type of wireless access to the system.
  • connection requirements are established for each type of wireless access to the system.
  • each type of wireless access to the system is authorized prior to establishing such connections.
  • wireless networking capabilities not intended for use are disabled prior to issuance and deployment.
  • wireless access to the system is protected using authentication.
  • wireless access to the system is protected using encryption.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

AC.L1-3.1.1 Account Management AC.L1-3.1.2 Access Enforcement AC.L2-3.1.3 Information Flow Enforcement AC.L2-3.1.4 Separation of Duties