An error occurred:

CCI-004192

CCI-004192 Definition

Protect nonlocal maintenance sessions by separating the maintenance session from other network sessions with the system by logically separated communications paths.
Status
Type CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if nonlocal maintenance sessions are protected by logically separated communication paths.

Validation Procedures

Examine: [SELECT FROM: Maintenance policy; procedures addressing nonlocal system maintenance; system design documentation; system configuration settings and associated documentation; maintenance records; audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with system maintenance responsibilities; network engineers; organizational personnel with information security responsibilities; system/network administrators]. Test: [SELECT FROM: Organizational processes for protecting nonlocal maintenance sessions; mechanisms implementing replay-resistant authenticators; mechanisms implementing logically separated/encrypted communication paths].