AC.L2-3.1.17—Wireless Access Protection
Level 2
800-171: 3.1.17
>Control Description
Protect wireless access using authentication and encryption.
>Cross-Framework Mappings
>Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- •What is your wireless access policy and authorization process?
- •How do you govern who can approve wireless access requests?
- •What standards or frameworks guide your wireless security implementation?
- •How often do you review authorized wireless devices and connections?
Technical Implementation:
- •What wireless security protocols are implemented (WPA2, WPA3)?
- •How do you enforce strong authentication for wireless (EAP-TLS, 802.1X)?
- •What encryption standards protect wireless communications?
- •How do you prevent use of weak wireless security (WEP, WPA)?
- •What tools verify wireless security configurations?
Evidence & Documentation:
- •What documentation demonstrates your access control policies and procedures?
- •What access control matrices or permissions documentation can you provide?
- •What access request and approval records can you show?
- •What access review documentation demonstrates periodic reviews?
- •What audit logs demonstrate access control enforcement?
- •What screenshots or configuration exports show access control settings?
Ask AI
Configure your API key to use AI features.