AC-6(8)

  • Requirement

    Prevent the following software from executing at higher privilege levels than users executing the software: [Assignment: organization-defined software].

  • Discussion

    In certain situations, software applications or programs need to execute with elevated privileges to perform required functions. However, depending on the software functionality and configuration, if the privileges required for execution are at a higher level than the privileges assigned to organizational users invoking such applications or programs, those users may indirectly be provided with greater privileges than assigned.

More Info

  • Title

    Least Privilege | Privilege Levels for Code Execution
  • Family

    Access Control
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!