Control 15 Mapping to the NIST Cybersecurity Framework
9 hours 54 minutes
Hey, everyone, welcome back to the course. So in the last video, we took a brief overview of wireless access control, which again is control number 15 in the C. I s controls and this video. We're just gonna take a look at how that maps up to the NIST cybersecurity framework.
So some control 15 ones where we need to maintain an inventory of our authors authorized. Excuse me, wireless access points. So that way we can identify any rogue devices on our network
on this maps up to a couple of CSF one. So I d a m three and d A. He won
some control 15 twos where we need to detect any wireless access points that are connected to the wire network. So again, making sure that these air actually devices we want tohave as opposed to rogue devices on our network.
Some control 15 threes where we're gonna be using a wireless ideas just to make sure we can monitor any type of potential events that are occurring.
Some control 15.4 is where we're talking about disabling wireless access on devices, if not required. So just because you've got the ability to have the wireless access on it You want to disable. That is part of hardening the device if you're not actually going to be using the wireless on that.
So as an example, you get that router from the cable company. If you're not gonna be using the wireless on it, just disable the wireless ability on it. Most of them just have a button you can press. And then you just used a wired connection on those
self control 15 5 limiting the wireless access on client devices. So that's where we can talk about things like segmenting them outright. So we want to limit what they can do. So put them on a guest network or something like that, especially if people are doing the B i b Y o d. Excuse me,
then we want to make sure we segment them out to their own specific network and limit
what they can do with that. So limit the range is well of the wireless signal. So, as an example,
I've got a company. I've got my office space, and I don't want my signal to be beaming out in the parking lot where some criminal hacker can just sit out there and cause havoc on the network, right? I don't want to give them that opportunity. So I want to isolate my network and keep the signal low enough toe where
anyone outside of my immediate office space can't really get access to it. Or at least it's a week enough signal
where they're not worried about getting access to it.
Self control 15 6 We're talking about disabling the pure pure wireless network capabilities.
Some control 15 7 is where we're gonna be using things like a yes encryption
to encrypt the wireless data. Or if you're watching this video 10 years in the future, that's probably something else that'll be out by then By just using the most advanced encryption possible. To help protect that data that's in transit across the wireless network.
Some control 15 8 using wireless authentication protocols that use multi factor authentication, writes rmf a so making sure that we're using multi factor authentication on all of these protocols.
Some control. 59. Disabling the wireless personal device access,
then maps up to a P. R. I. P. One.
So again, really, almost much of this is going back to just hardening those devices you have and making sure you're not leaving things open. That someone could then exploit
sub control 15 10 creating separate wires networks for personal and untrusted devices. Again, I mentioned that right. Create a guest network for the B I B Y o d. And let people use that one.
So in this video, we just took a look at how sea Ice Control 15 again the wireless access control. How that mapped up to the nest, that cybersecurity framework
in the next module, we're gonna take a look at control 16.