Network Access to Privileged Accounts Replay Resistant IA-2(8)


Overview:
The information system implements replay-resistant authentication mechanisms for network access to privileged accounts.


Supplemental Guidance:
Authentication processes resist replay attacks if it is impractical to achieve successful authentications by replaying previous authentication messages. Replay-resistant techniques include, for example, protocols that use nonces or challenges such as Transport Layer Security (TLS) and time synchronous or challenge-response one-time authenticators.


Action Items:
1) Ensure information system authentication mechanisms are resistant to replay attacks.

 

Related Documents:
1) Identity and Access Management Policy

2) Access Control


Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none


Moderate Additional FedRAMP Requirements and Guidance
none



Article ID: 696
Created: September 30, 2022
Last Updated: September 30, 2022
Author: Matthew Burdick

Online URL: http://www.compliancewiki.org/article/network-access-to-privileged-accounts-replay-resistant-ia-2-8-696.html