Navigate

CCI-000202

CCI-000202 Definition

The organization ensures unencrypted static authenticators are not embedded in access scripts.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents and implements requirements that unencrypted static authenticators not be embedded in access scripts.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the requirements that unencrypted static authenticators not be embedded in access scripts to ensure the organization being inspected/assessed ensures unencrypted static authenticators are not embedded in access scripts.

Compelling Evidence

1.) Signed and dated SOP/TTP documenting implementation requirements that unencrypted static authenticators not be embedded in access scripts.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000202.

Control	Description
IA-5 (7)	The organization ensures that unencrypted static authenticators are not embedded in applications or access scripts or stored on function keys.