AC.L2-3.1.16 — Authorize wireless access prior to allowing such connections.
What this control requires
Authorize wireless access prior to allowing such connections.
Source: CMMC L2 v2.13 AC.L2-3.1.16 / NIST SP 800-171 R2 3.1.16 (official control text).
Why this matters
Wireless networks broadcast signals beyond physical walls, creating entry points that attackers can exploit from parking lots or neighboring buildings. Without authorization controls, any device within radio range could attempt to join your network, bypassing perimeter defenses entirely. This control requires you to validate both the device and user before granting network access, ensuring only known, approved endpoints connect. It directly mitigates rogue access points, evil twin attacks, and unauthorized client connections that could exfiltrate CUI or serve as pivot points into your internal network.
What evidence assessors expect
Assessors typically look for: PDF, CSV export, screenshot. FORCE coaches you through the exact implementation steps and captures each artifact in-platform.
Related controls
See your live posture on AC.L2-3.1.16.
FORCE shows where you stand on this control and walks you through closing it.
Start a free trial tenant →