AC-6(3): Network Access to Privileged Commands

Control Family:

Access Control

Parent Control:

AC-6: Least Privilege

CSF v1.1 References:

PR.AC-4
PR.DS-5

Threats Addressed:

Elevation of Privilege

Baselines:

High

Previous Version:

NIST Special Publication 800-53 Revision 4:
AC-6(3): Network Access To Privileged Commands

Control Statement

Authorize network access to [Assignment: organization-defined privileged commands] only for [Assignment: organization-defined compelling operational needs] and document the rationale for such access in the security plan for the system.

Supplemental Guidance

Network access is any access across a network connection in lieu of local access (i.e., user being physically present at the device).

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5