CCI-001950
CCI-001950 Definition
The organization defines the strength of mechanism requirements for the device that is separate from the system gaining access and is to provide one factor of a multifactor authentication for remote access to non-privileged accounts.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
For the strength of mechanism requirements DoD has defined requirements as DoD PKI or a technology approved by their Authorizing Official, FIPS 140-2, NIAP Certification, or NSA approval.
Validation Procedures
The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. For the strength of mechanism requirements DoD has defined requirements as DoD PKI or a technology approved by their Authorizing Official, FIPS 140-2, NIAP Certification, or NSA approval.
Compelling Evidence
Automatically Compliant