CCI-002164
CCI-002164 Definition
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if: - [AC-03(04)_ODP[01]; discretionary access control policy enforced over the set of covered subjects is defined] is enforced over the set of covered subjects specified in the policy. - [AC-03(04)_ODP[02]; discretionary access control policy enforced over the set of covered objects is defined] is enforced over the set of covered objects specified in the policy.
Validation Procedures
Examine: [SELECT FROM: Access control policy; discretionary access control policies; procedures addressing access enforcement; system design documentation; system configuration settings and associated documentation; list of subjects and objects (i.e., users and resources) requiring enforcement of discretionary access control policies; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with access enforcement responsibilities; system/network administrators; organizational personnel with information security responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing discretionary access control policy].