Navigate

IA-2(9)

IA-2(9): Network Access to Non-privileged Accounts - Replay Resistant

The information system implements replay-resistant authentication mechanisms for network access to non-privileged accounts.

Supplemental

Authentication processes resist replay attacks if it is impractical to achieve successful authentications by recording/replaying previous authentication messages. Replay-resistant techniques include, for example, protocols that use nonces or challenges such as Transport Layer Security (TLS) and time synchronous or challenge-response one-time authenticators.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to IA-2(9).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of IA-2(9).

Control	Description
No controls

Related CCIs

The CCIs below are tied to IA-2(9).

CCI	Definition
CCI-001942	The information system implements replay-resistant authentication mechanisms for network access to non-privileged accounts.