Overview: The organization permits authorized individuals to use an external information system to access the information system or to process, store, or transmit organization-controlled information only when the organization: (a) Verifies the...
Access Control (AC)
Overview: The information system routes all remote accesses through [Assignment: organization-defined number] managed network access control points. Supplemental Guidance: Limiting the number of access control points for remote accesses reduces the...
Overview: The organization requires that users of information system accounts, or roles, with access to [Assignment: organization-defined security functions or security-relevant information], use non-privileged accounts or roles, when accessing...
Overview: The information system conceals, via the session lock, information previously visible on the display with a publicly viewable image. Supplemental Guidance: Publicly viewable images can include static or dynamic images, for example, patterns...
Overview: The organization: a. Identifies [Assignment: organization-defined user actions] that can be performed on the information system without identification or authentication consistent with organizational missions/business functions; and b. ...
Overview: The information system separates information flows logically or physically using [Assignment: organization-defined mechanisms and/or techniques] to accomplish [Assignment: organization-defined required separations by types of information]. ...
Overview: The organization [Selection: restricts; prohibits] the use of organization-controlled portable storage devices by authorized individuals on external information systems. Supplemental Guidance: Limits on the use of organization-controlled...
Overview: The organization restricts privileged accounts on the information system to [Assignment: organization-defined personnel or roles]. Supplemental Guidance: Privileged accounts, including super user accounts, are typically described as system...
Overview: The organization: (a) Authorizes the execution of privileged commands and access to security-relevant information via remote access only for [Assignment: organization-defined needs]; and (b) Documents the rationale for such access in the...
Overview: The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. Supplemental Guidance: Privileged functions include,...