03.01.17 —

What this control requires

Source: NIST SP 800-171 R3 §03.01.17 (official control text).

Why this matters

Wireless access introduces significant attack vectors because radio signals can extend beyond physical boundaries, allowing adversaries to intercept traffic or attempt unauthorized connections from parking lots, adjacent buildings, or public areas. This control mandates that organizations authenticate all wireless connections and encrypt transmitted data to prevent eavesdropping, man-in-the-middle attacks, and rogue device connections. Without proper wireless protections, attackers can capture credentials, inject malicious traffic, or establish persistent access to internal networks. Protecting wireless access is essential for safeguarding Controlled Unclassified Information that may traverse these networks and maintaining the confidentiality and integrity of organizational communications.

What evidence assessors expect

Assessors typically look for: configuration export, screenshot, PDF, CSV export. FORCE coaches you through the exact implementation steps and captures each artifact in-platform.

Related controls