Navigate

CCI-002317

CCI-002317 Definition

Defines the needs for when the execution of privileged commands via remote access is to be authorized.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if: - the execution of privileged commands via remote access is authorized only in a format that provides assessable evidence. - access to security-relevant information via remote access is authorized only in a format that provides assessable evidence. - the execution of privileged commands via remote access is authorized only for the following needs: [AC-17(04)_ODP[01]; needs requiring execution of privileged commands via remote access are defined]. - access to security-relevant information via remote access is authorized only for the following needs: [AC-17(04)_ODP[02]; needs requiring access to security-relevant information via remote access are defined].

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing remote access to the system; system configuration settings and associated documentation; security plan; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Mechanisms implementing remote access management].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002317.

Control	Description
AC-17(4)	(a): Authorize the execution of privileged commands and access to security-relevant information via remote access only in a format that provides assessable evidence and for the following needs: [one of ] ; and (b): Document the rationale for remote access in the security plan for the system.