NIST SP 800-53 r4 - Security Control Family: Access Control - Controls for HIGH Impact Systems, v4
Profile of requirements corresponding to all HIGH impact security controls in NIST Special Publication 800-53, r4, under the control family of Access Control.
| Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-access-control---controls-for-high-impact-systems/4/ | ||||
| Publication Date | 2021-04-26 | ||||
| Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
| Keywords | 800-53, Access Control, NIST, Security, High | ||||
| Legal Notice | This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |
Loading...
Trust Expression:
TIP_NISTSP80053r4SecurityControlFamilyAccessControlControlsforMODERATEImpactSystems and TIP_NISTSP80053r4SecurityControlAC1AccessControlPolicyandProcedures and TIP_NISTSP80053r4SecurityControlAC2AccountManagement and TIP_NISTSP80053r4SecurityControlAC21AutomatedSystemAccountManagement and TIP_NISTSP80053r4SecurityControlAC22RemovalofTemporaryEmergencyAccounts and TIP_NISTSP80053r4SecurityControlAC23DisableInactiveAccounts and TIP_NISTSP80053r4SecurityControlAC24AutomatedAuditActions and TIP_NISTSP80053r4SecurityControlAC25InactivityLogout and TIP_NISTSP80053r4SecurityControlAC211UsageConditions and TIP_NISTSP80053r4SecurityControlAC212AccountMonitoringAtypicalUsage and TIP_NISTSP80053r4SecurityControlAC213DisableAccountsforHighRiskIndividuals and TIP_NISTSP80053r4SecurityControlAC3AccessEnforcement and TIP_NISTSP80053r4SecurityControlAC4InformationFlowEnforcement and TIP_NISTSP80053r4SecurityControlAC5SeparationofDuties and TIP_NISTSP80053r4SecurityControlAC6LeastPrivilege and TIP_NISTSP80053r4SecurityControlAC61AuthorizeAccesstoSecurityFunctions and TIP_NISTSP80053r4SecurityControlAC62NonPrivilegedAccessforNonsecurityFunctions and TIP_NISTSP80053r4SecurityControlAC63NetworkAccesstoPrivilegedCommands and TIP_NISTSP80053r4SecurityControlAC65PrivilegedAccounts and TIP_NISTSP80053r4SecurityControlAC69AuditingUseofPrivilegedFunctions and TIP_NISTSP80053r4SecurityControlAC610ProhibitNonPrivilegedUsersfromExecutingPrivilegedFunctions and TIP_NISTSP80053r4SecurityControlAC7UnsuccessfulLogonAttempts and TIP_NISTSP80053r4SecurityControlAC8SystemUseNotification and TIP_NISTSP80053r4SecurityControlAC10ConcurrentSessionControl and TIP_NISTSP80053r4SecurityControlAC11SessionLock and TIP_NISTSP80053r4SecurityControlAC111PatternHidingDisplays and TIP_NISTSP80053r4SecurityControlAC12SessionTermination and TIP_NISTSP80053r4SecurityControlAC14PermittedActionsWithoutIdentificationorAuthentication and TIP_NISTSP80053r4SecurityControlAC17RemoteAccess and TIP_NISTSP80053r4SecurityControlAC171AutomatedMonitoringControl and TIP_NISTSP80053r4SecurityControlAC172ProtectionofConfidentialityIntegrityUsingEncryption and TIP_NISTSP80053r4SecurityControlAC173ManagedAccessControlPoints and TIP_NISTSP80053r4SecurityControlAC174PrivilegedCommandsAccess and TIP_NISTSP80053r4SecurityControlAC18WirelessAccess and TIP_NISTSP80053r4SecurityControlAC181AuthenticationandEncryption and TIP_NISTSP80053r4SecurityControlAC184RestrictConfigurationsbyUsers and TIP_NISTSP80053r4SecurityControlAC185AntennasTransmissionPowerLevels and TIP_NISTSP80053r4SecurityControlAC19AccessControlforMobileDevices and TIP_NISTSP80053r4SecurityControlAC195FullDeviceContainerBasedEncryption and TIP_NISTSP80053r4SecurityControlAC20UseofExternalInformationSystems and TIP_NISTSP80053r4SecurityControlAC201LimitsonAuthorizedUse and TIP_NISTSP80053r4SecurityControlAC202PortableStorageDevices and TIP_NISTSP80053r4SecurityControlAC21InformationSharing and TIP_NISTSP80053r4SecurityControlAC22PubliclyAccessibleContent
References (44)
| TIP NIST SP 800-53 r4 - Security Control Family: Access Control - Controls for MODERATE Impact Systems, v4 | |
|---|---|
| Description | Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of Access Control. |
| ID | TIP_NISTSP80053r4SecurityControlFamilyAccessControlControlsforMODERATEImpactSystems |
| TIP NIST SP 800-53 r4 Security Control AC-1: Access Control Policy and Procedures, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-1: Access Control Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC1AccessControlPolicyandProcedures |
| TIP NIST SP 800-53 r4 Security Control AC-2: Account Management, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2: Account Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC2AccountManagement |
| TIP NIST SP 800-53 r4 Security Control AC-2 (1): Automated System Account Management, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (1): Automated System Account Management. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC21AutomatedSystemAccountManagement |
| TIP NIST SP 800-53 r4 Security Control AC-2 (2): Removal of Temporary / Emergency Accounts, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (2): Removal of Temporary / Emergency Accounts. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC22RemovalofTemporaryEmergencyAccounts |
| TIP NIST SP 800-53 r4 Security Control AC-2 (3): Disable Inactive Accounts, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (3): Disable Inactive Accounts. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC23DisableInactiveAccounts |
| TIP NIST SP 800-53 r4 Security Control AC-2 (4): Automated Audit Actions, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (4): Automated Audit Actions. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC24AutomatedAuditActions |
| TIP NIST SP 800-53 r4 Security Control AC-2 (5): Inactivity Logout, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (5): Inactivity Logout. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC25InactivityLogout |
| TIP NIST SP 800-53 r4 Security Control AC-2 (11): Usage Conditions, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (11): Usage Conditions. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC211UsageConditions |
| TIP NIST SP 800-53 r4 Security Control AC-2 (12): Account Monitoring / Atypical Usage, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (12): Account Monitoring / Atypical Usage. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC212AccountMonitoringAtypicalUsage |
| TIP NIST SP 800-53 r4 Security Control AC-2 (13): Disable Accounts for High-Risk Individuals, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (13): Disable Accounts for High-Risk Individuals. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC213DisableAccountsforHighRiskIndividuals |
| TIP NIST SP 800-53 r4 Security Control AC-3: Access Enforcement, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-3: Access Enforcement. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC3AccessEnforcement |
| TIP NIST SP 800-53 r4 Security Control AC-4: Information Flow Enforcement, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-4: Information Flow Enforcement. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC4InformationFlowEnforcement |
| TIP NIST SP 800-53 r4 Security Control AC-5: Separation of Duties, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-5: Separation of Duties. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC5SeparationofDuties |
| TIP NIST SP 800-53 r4 Security Control AC-6: Least Privilege, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6: Least Privilege. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC6LeastPrivilege |
| TIP NIST SP 800-53 r4 Security Control AC-6 (1): Authorize Access to Security Functions, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (1): Authorize Access to Security Functions. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC61AuthorizeAccesstoSecurityFunctions |
| TIP NIST SP 800-53 r4 Security Control AC-6 (2): Non-Privileged Access for Nonsecurity Functions, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (2): Non-Privileged Access for Nonsecurity Functions. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC62NonPrivilegedAccessforNonsecurityFunctions |
| TIP NIST SP 800-53 r4 Security Control AC-6 (3): Network Access to Privileged Commands, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (3): Network Access to Privileged Commands. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC63NetworkAccesstoPrivilegedCommands |
| TIP NIST SP 800-53 r4 Security Control AC-6 (5): Privileged Accounts, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (5): Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC65PrivilegedAccounts |
| TIP NIST SP 800-53 r4 Security Control AC-6 (9): Auditing Use of Privileged Functions, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (9): Auditing Use of Privileged Functions. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC69AuditingUseofPrivilegedFunctions |
| TIP NIST SP 800-53 r4 Security Control AC-6 (10): Prohibit Non-Privileged Users from Executing Privileged Functions, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (10): Prohibit Non-Privileged Users from Executing Privileged Functions. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC610ProhibitNonPrivilegedUsersfromExecutingPrivilegedFunctions |
| TIP NIST SP 800-53 r4 Security Control AC-7: Unsuccessful Logon Attempts, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-7: Unsuccessful Logon Attempts. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC7UnsuccessfulLogonAttempts |
| TIP NIST SP 800-53 r4 Security Control AC-8: System Use Notification, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-8: System Use Notification. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC8SystemUseNotification |
| TIP NIST SP 800-53 r4 Security Control AC-10: Concurrent Session Control, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-10: Concurrent Session Control. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC10ConcurrentSessionControl |
| TIP NIST SP 800-53 r4 Security Control AC-11: Session Lock, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-11: Session Lock. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC11SessionLock |
| TIP NIST SP 800-53 r4 Security Control AC-11 (1): Pattern-Hiding Displays, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-11 (1): Pattern-Hiding Displays. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC111PatternHidingDisplays |
| TIP NIST SP 800-53 r4 Security Control AC-12: Session Termination, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-12: Session Termination. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC12SessionTermination |
| TIP NIST SP 800-53 r4 Security Control AC-14: Permitted Actions Without Identification or Authentication, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-14: Permitted Actions Without Identification or Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC14PermittedActionsWithoutIdentificationorAuthentication |
| TIP NIST SP 800-53 r4 Security Control AC-17: Remote Access, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17: Remote Access. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC17RemoteAccess |
| TIP NIST SP 800-53 r4 Security Control AC-17 (1): Automated Monitoring / Control, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (1): Automated Monitoring / Control. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC171AutomatedMonitoringControl |
| TIP NIST SP 800-53 r4 Security Control AC-17 (2): Protection of Confidentiality / Integrity Using Encryption, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (2): Protection of Confidentiality / Integrity Using Encryption. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC172ProtectionofConfidentialityIntegrityUsingEncryption |
| TIP NIST SP 800-53 r4 Security Control AC-17 (3): Managed Access Control Points, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (3): Managed Access Control Points. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC173ManagedAccessControlPoints |
| TIP NIST SP 800-53 r4 Security Control AC-17 (4): Privileged Commands / Access, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (4): Privileged Commands / Access. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC174PrivilegedCommandsAccess |
| TIP NIST SP 800-53 r4 Security Control AC-18: Wireless Access, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-18: Wireless Access. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC18WirelessAccess |
| TIP NIST SP 800-53 r4 Security Control AC-18 (1): Authentication and Encryption, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-18 (1): Authentication and Encryption. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC181AuthenticationandEncryption |
| TIP NIST SP 800-53 r4 Security Control AC-18 (4): Restrict Configurations by Users, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-18 (4): Restrict Configurations by Users. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC184RestrictConfigurationsbyUsers |
| TIP NIST SP 800-53 r4 Security Control AC-18 (5): Antennas / Transmission Power Levels, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-18 (5): Antennas / Transmission Power Levels. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC185AntennasTransmissionPowerLevels |
| TIP NIST SP 800-53 r4 Security Control AC-19: Access Control for Mobile Devices, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-19: Access Control for Mobile Devices. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC19AccessControlforMobileDevices |
| TIP NIST SP 800-53 r4 Security Control AC-19 (5): Full Device / Container-Based Encryption, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-19 (5): Full Device / Container-Based Encryption. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC195FullDeviceContainerBasedEncryption |
| TIP NIST SP 800-53 r4 Security Control AC-20: Use of External Information Systems, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-20: Use of External Information Systems. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC20UseofExternalInformationSystems |
| TIP NIST SP 800-53 r4 Security Control AC-20 (1): Limits on Authorized Use, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-20 (1): Limits on Authorized Use. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC201LimitsonAuthorizedUse |
| TIP NIST SP 800-53 r4 Security Control AC-20 (2): Portable Storage Devices, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-20 (2): Portable Storage Devices. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC202PortableStorageDevices |
| TIP NIST SP 800-53 r4 Security Control AC-21: Information Sharing, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-21: Information Sharing. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC21InformationSharing |
| TIP NIST SP 800-53 r4 Security Control AC-22: Publicly Accessible Content, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-22: Publicly Accessible Content. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlAC22PubliclyAccessibleContent |
Sources (1)
| SP800-53R4 | NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4. |