SC-2 (1)
SC-2 (1): Interfaces For Non-Privileged Users
The information system prevents the presentation of information system management-related functionality at an interface for non-privileged users.
Supplemental
This control enhancement ensures that administration options (e.g., administrator privileges) are not available to general users (including prohibiting the use of the grey-out option commonly used to eliminate accessibility to such information). Such restrictions include, for example, not presenting administration options until users establish sessions with administrator privileges.
| CIA Levels | |
|---|---|
| Confidentiality | unknown |
| Integrity | unknown |
| Availability | unknown |
| Overlays |
|---|
| Cross Domain (Access), Cross Domain (Multilevel), Cross Domain (Transfer), Int-A, Int-B, Int-C |