Navigate

CCI-001123

CCI-001123 Definition

Route networked, privileged accesses through a dedicated, managed interface for purposes of access control and auditing.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if: - networked, privileged accesses are routed through a dedicated, managed interface for purposes of access control. - networked, privileged accesses are routed through a dedicated, managed interface for purposes of auditing

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing boundary protection; system design documentation; system hardware and software; system architecture; system configuration settings and associated documentation; audit logs; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer; organizational personnel with boundary protection responsibilities]. Test: [SELECT FROM: Mechanisms supporting and/or implementing the routing of networked, privileged access through dedicated, managed interfaces].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001123.

Control	Description
SC-7(15)	Route networked, privileged accesses through a dedicated, managed interface for purposes of access control and auditing.