CCI-001558
CCI-001558 Definition
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if: - access is authorized for [AC-06(01)_ODP[01]; individuals and roles with authorized access to security functions and security-relevant information are defined] to [AC-06(01)_ODP[02]; security functions (deployed in hardware) for authorized access are defined]. - access is authorized for [AC-06(01)_ODP[01]; individuals and roles with authorized access to security functions and security-relevant information are defined] to [AC-06(01)_ODP[03]; security functions (deployed in software) for authorized access are defined]. - access is authorized for [AC-06(01)_ODP[01]; individuals and roles with authorized access to security functions and security-relevant information are defined] to [AC-06(01)_ODP[04]; security functions (deployed in firmware) for authorized access are defined].
Validation Procedures
Examine: [SELECT FROM: Access control policy; procedures addressing least privilege; list of security functions (deployed in hardware, software, and firmware) and security-relevant information for which access must be explicitly authorized; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with responsibilities for defining least privileges necessary to accomplish specified tasks; organizational personnel with information security responsibilities; system/network administrators]. Test: [SELECT FROM: Mechanisms implementing least privilege functions].