Skip to Content

Network Access to Privileged Accounts Replay Resistant IA-2(8)

696  Matthew Burdick September 30, 2022  Identification and Authentication (IA)

Overview:
The information system implements replay-resistant authentication mechanisms for network access to privileged accounts.


Supplemental Guidance:
Authentication processes resist replay attacks if it is impractical to achieve successful authentications by replaying previous authentication messages. Replay- resistant techniques include, for example, protocols that use nonces or challenges such as Transport Layer Security (TLS) and time synchronous or challenge-response one-time authenticators.


Action Items:
1) Ensure information systems authentication mechanisms are resistant to replay attacks

 

Related Documents:
1) Identity and Access Management Policy

2) Access Control


Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none


Moderate Additional FedRAMP Requirements and Guidance
none
Not Rated
Secure Code