AC-17(4)

  • Requirement

    1. Authorize the execution of privileged commands and access to security-relevant information via remote access only in a format that provides assessable evidence and for the following needs: [Assignment: organization-defined needs]; and
    2. Document the rationale for remote access in the security plan for the system.
  • Discussion

    Remote access to systems represents a significant potential vulnerability that can be exploited by adversaries. As such, restricting the execution of privileged commands and access to security-relevant information via remote access reduces the exposure of the organization and the susceptibility to threats by adversaries to the remote access capability.

More Info

  • Title

    Remote Access | Privileged Commands and Access
  • Family

    Access Control
  • NIST 800-53B Baseline(s)

    • Moderate
    • High
  • Related NIST 800-53 ID

    AC-6;SC-12;SC-13

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!