3.7.5

Requirement

a. Approve and monitor nonlocal maintenance and diagnostic activities.
b. Implement multi-factor authentication and replay resistance in the establishment of nonlocal maintenance and diagnostic sessions.
c. Terminate session and network connections when nonlocal maintenance is completed.

Discussion

Nonlocal maintenance and diagnostic activities are conducted by individuals who communicate through an external or internal network. Local maintenance and diagnostic activities are carried out by individuals who are physically present at the location of the system and not communicating across a network connection. Authentication techniques used to establish nonlocal maintenance and diagnostic sessions reflect the requirements in 03.05.01.

NIST 800-171A r3 Assessment Guidance

Examine

[SELECT FROM: maintenance policy and procedures; remote access policy and procedures; procedures for nonlocal system maintenance; records of remote access; maintenance records; diagnostic records; system design documentation; system configuration settings; system security plan; other relevant documents or records]
Interview

[SELECT FROM: processes for managing nonlocal maintenance; mechanisms for implementing, supporting, or managing nonlocal maintenance; mechanisms for implementing multi-factor authentication and replay resistance; mechanisms for terminating nonlocal maintenance sessions and network connections]
Test

[SELECT FROM: personnel with system maintenance responsibilities; personnel with information security responsibilities; system administrators]

ID	Assessment Objectives
A.03.07.05.a[01]	nonlocal maintenance and diagnostic activities are approved.
A.03.07.05.a[02]	nonlocal maintenance and diagnostic activities are monitored.
A.03.07.05.b[01]	multi-factor authentication is implemented in the establishment of nonlocal maintenance and diagnostic sessions.
A.03.07.05.b[02]	replay resistance is implemented in the establishment of nonlocal maintenance and diagnostic sessions.
A.03.07.05.c[01]	session connections are terminated when nonlocal maintenance is completed.
A.03.07.05.c[02]	network connections are terminated when nonlocal maintenance is completed.

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!