AC-6(4)

  • Requirement

    Provide separate processing domains to enable finer-grained allocation of user privileges.

  • Discussion

    Providing separate processing domains for finer-grained allocation of user privileges includes using virtualization techniques to permit additional user privileges within a virtual machine while restricting privileges to other virtual machines or to the underlying physical machine, implementing separate physical domains, and employing hardware or software domain separation mechanisms.

More Info

  • Title

    Least Privilege | Separate Processing Domains
  • Family

    Access Control
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

      AC-4;SC-2;SC-3;SC-30;SC-32;SC-39

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!