CCI-001935
CCI-001935 Definition
The organization defines the strength of mechanism requirements for the device that is separate from the system gaining access to privileged accounts.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
For the strength of mechanism requirements DoD has defined requirements as DoD PKI or a technology approved by their Authorizing Official, FIPS 140-2, NIAP Certification, or NSA approval.
Validation Procedures
The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. For the strength of mechanism requirements DoD has defined requirements as DoD PKI or a technology approved by their Authorizing Official, FIPS 140-2, NIAP Certification, or NSA approval.
Compelling Evidence
Automatically Compliant