AC.L2-3.1.17 — Protect wireless access using authentication and encryption.
What this control requires
Protect wireless access using authentication and encryption.
Source: CMMC L2 v2.13 AC.L2-3.1.17 / NIST SP 800-171 R2 3.1.17 (official control text).
Why this matters
Wireless networks broadcast data through the air where anyone within range can intercept traffic. Without proper authentication, unauthorized devices connect to your network and pivot into internal systems. Without encryption, attackers capture credentials, emails, and sensitive files in plaintext using passive sniffing tools. This control mandates that every wireless access point enforce device authentication (proving identity before connection) and encrypt all traffic end-to-end using modern cryptographic standards. It protects against rogue devices, man-in-the-middle attacks, and eavesdropping on CUI transmissions over WiFi.
What evidence assessors expect
Assessors typically look for: screenshot, configuration export, photo. FORCE coaches you through the exact implementation steps and captures each artifact in-platform.
Related controls
See your live posture on AC.L2-3.1.17.
FORCE shows where you stand on this control and walks you through closing it.
Start a free trial tenant →