💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions

• Contextual name: 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions
• ID: /frameworks/nist-csf-v1.1/pr-ac/06
• Located in: 💼 Identity Management, Authentication and Access Control (PR.AC)

Description

Empty...

Similar

• Sections
  • /frameworks/iso-iec-27001-2013/07/01/01
  • /frameworks/iso-iec-27001-2013/09/02/01
  • /frameworks/nist-sp-800-53-r4/ac/01
  • /frameworks/nist-sp-800-53-r4/ac/02
  • /frameworks/nist-sp-800-53-r4/ac/03
  • /frameworks/nist-sp-800-53-r4/ac/16
  • /frameworks/nist-sp-800-53-r4/ac/19
  • /frameworks/nist-sp-800-53-r4/ac/24
  • /frameworks/nist-sp-800-53-r4/ia/01
  • /frameworks/nist-sp-800-53-r4/ia/02
  • /frameworks/nist-sp-800-53-r4/ia/04
  • /frameworks/nist-sp-800-53-r4/ia/05
  • /frameworks/nist-sp-800-53-r4/ia/08
  • /frameworks/nist-sp-800-53-r4/pe/02
  • /frameworks/nist-sp-800-53-r4/ps/03
• Internal
  • ID: dec-c-f39f2c6f

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 ISO/IEC 27001:2013 → 💼 A.7.1.1 Screening
💼 ISO/IEC 27001:2013 → 💼 A.9.2.1 User registration and de-registration		1	1
💼 NIST SP 800-53 Revision 4 → 💼 AC-1 ACCESS CONTROL POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 AC-2 ACCOUNT MANAGEMENT	13	3	6
💼 NIST SP 800-53 Revision 4 → 💼 AC-3 ACCESS ENFORCEMENT	10		2
💼 NIST SP 800-53 Revision 4 → 💼 AC-16 SECURITY ATTRIBUTES	10
💼 NIST SP 800-53 Revision 4 → 💼 AC-19 ACCESS CONTROL FOR MOBILE DEVICES	5
💼 NIST SP 800-53 Revision 4 → 💼 AC-24 ACCESS CONTROL DECISIONS	2
💼 NIST SP 800-53 Revision 4 → 💼 IA-1 IDENTIFICATION AND AUTHENTICATION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 IA-2 IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)	13	1	2
💼 NIST SP 800-53 Revision 4 → 💼 IA-4 IDENTIFIER MANAGEMENT	7
💼 NIST SP 800-53 Revision 4 → 💼 IA-5 AUTHENTICATOR MANAGEMENT	15	2	2
💼 NIST SP 800-53 Revision 4 → 💼 IA-8 IDENTIFICATION AND AUTHENTICATION (NON-ORGANIZATIONAL USERS)	5
💼 NIST SP 800-53 Revision 4 → 💼 PE-2 PHYSICAL ACCESS AUTHORIZATIONS	3
💼 NIST SP 800-53 Revision 4 → 💼 PS-3 PERSONNEL SCREENING	3

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v2.0 → 💼 PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions			13

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (13)

Policy	Logic Count	Flags
📝 AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢	1	🟢 x6
📝 AWS EC2 Instance IAM role is not attached 🟢	1	🟢 x6
📝 AWS IAM User has inline or directly attached policies 🟢	1	🟠 x1, 🟢 x5
📝 AWS IAM User with console and programmatic access set during the initial creation 🟢		🟢 x3
📝 AWS S3 Bucket MFA Delete is not enabled 🟠🟢	1	🟠 x1, 🟢 x6
📝 Azure App Service Authentication is disabled and Basic Authentication is enabled 🟢	1	🟢 x6
📝 Azure App Service Basic Authentication is enabled 🟢		🟢 x3
📝 Consumer Google Accounts are used 🟢		🟢 x3
📝 Google Accounts are not configured with MFA 🟢		🟢 x3
📝 Google BigQuery Dataset is anonymously or publicly accessible 🟢	1	🟢 x6
📝 Google Cloud Audit Logging is not configured properly 🟢	1	🟢 x6
📝 Google Cloud MySQL Instance allows anyone to connect with administrative privileges 🟢		🟢 x3
📝 Google Storage Bucket is anonymously or publicly accessible 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-6c93750d	1
✉️ dec-x-4157c58a	1
✉️ dec-x-ca52f63a	2
✉️ dec-z-79f4ab88	1