implementation-status | control-origination
---|---
| |
ac-17.4 - [catalog] Privileged Commands and Access
Control Statement
- [a] Authorize the execution of privileged commands and access to security-relevant information via remote access only in a format that provides assessable evidence and for the following needs: organization-defined needs; and
- [b] Document the rationale for remote access in the security plan for the system.
Control guidance
Remote access to systems represents a significant potential vulnerability that can be exploited by adversaries. As such, restricting the execution of privileged commands and access to security-relevant information via remote access reduces the exposure of the organization and the susceptibility to threats by adversaries to the remote access capability.
Control assessment-objective
- the execution of privileged commands via remote access is authorized only in a format that provides assessable evidence;
- access to security-relevant information via remote access is authorized only in a format that provides assessable evidence;
- the execution of privileged commands via remote access is authorized only for the following needs: needs requiring remote access;
- access to security-relevant information via remote access is authorized only for the following needs: needs requiring remote access;
- the rationale for remote access is documented in the security plan for the system.
What is the solution and how is it implemented?
Implementation (a)
Add control implementation description here for item ac-17.4_smt.a
Implementation (b)
Add control implementation description here for item ac-17.4_smt.b