AC-17(1): Monitoring and Control

Control Family:

Access Control

Parent Control:

AC-17: Remote Access

CSF v1.1 References:

PR.AC-3
PR.PT-4

Threats Addressed:

Lateral Movement

Baselines:

Moderate
High

Previous Version:

NIST Special Publication 800-53 Revision 4:
AC-17(1): Automated Monitoring / Control

Control Statement

Employ automated mechanisms to monitor and control remote access methods.

Supplemental Guidance

Monitoring and control of remote access methods allows organizations to detect attacks and help ensure compliance with remote access policies by auditing the connection activities of remote users on a variety of system components, including servers, notebook computers, workstations, smart phones, and tablets. Audit logging for remote access is enforced by AU-2. Audit events are defined in AU-2a.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5

Critical Security Controls Version 8