RA-5(5)

  • Requirement

    Implement privileged access authorization to [Assignment: organization-defined system components] for [Assignment: organization-defined vulnerability scanning activities].

  • Discussion

    In certain situations, the nature of the vulnerability scanning may be more intrusive, or the system component that is the subject of the scanning may contain classified or controlled unclassified information, such as personally identifiable information. Privileged access authorization to selected system components facilitates more thorough vulnerability scanning and protects the sensitive nature of such scanning.

More Info

  • Title

    Vulnerability Monitoring and Scanning | Privileged Access

  • Family

    Risk Assessment

  • NIST 800-53B Baseline(s)

    • Moderate
    • High

  • Related NIST 800-53 ID

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!

Learn More