Skip to main content

💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions

Contextual name: 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions
ID: /frameworks/nist-csf-v1.1/pr-ac/06
Located in: 💼 Identity Management, Authentication and Access Control (PR.AC)

Description

Empty...

Similar

Sections
- /frameworks/iso-iec-27001-2013/07/01/01
- /frameworks/iso-iec-27001-2013/09/02/01
- /frameworks/nist-sp-800-53-r4/ac/01
- /frameworks/nist-sp-800-53-r4/ac/02
- /frameworks/nist-sp-800-53-r4/ac/03
- /frameworks/nist-sp-800-53-r4/ac/16
- /frameworks/nist-sp-800-53-r4/ac/19
- /frameworks/nist-sp-800-53-r4/ac/24
- /frameworks/nist-sp-800-53-r4/ia/01
- /frameworks/nist-sp-800-53-r4/ia/02
- /frameworks/nist-sp-800-53-r4/ia/04
- /frameworks/nist-sp-800-53-r4/ia/05
- /frameworks/nist-sp-800-53-r4/ia/08
- /frameworks/nist-sp-800-53-r4/pe/02
- /frameworks/nist-sp-800-53-r4/ps/03
Internal
- ID: dec-c-f39f2c6f

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 ISO/IEC 27001:2013 → 💼 A.7.1.1 Screening
💼 ISO/IEC 27001:2013 → 💼 A.9.2.1 User registration and de-registration		1	1
💼 NIST SP 800-53 Revision 4 → 💼 AC-1 ACCESS CONTROL POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 AC-2 ACCOUNT MANAGEMENT	13	2	2
💼 NIST SP 800-53 Revision 4 → 💼 AC-3 ACCESS ENFORCEMENT	10
💼 NIST SP 800-53 Revision 4 → 💼 AC-16 SECURITY ATTRIBUTES	10
💼 NIST SP 800-53 Revision 4 → 💼 AC-19 ACCESS CONTROL FOR MOBILE DEVICES	5
💼 NIST SP 800-53 Revision 4 → 💼 AC-24 ACCESS CONTROL DECISIONS	2
💼 NIST SP 800-53 Revision 4 → 💼 IA-1 IDENTIFICATION AND AUTHENTICATION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 IA-2 IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)	13	1	1
💼 NIST SP 800-53 Revision 4 → 💼 IA-4 IDENTIFIER MANAGEMENT	7
💼 NIST SP 800-53 Revision 4 → 💼 IA-5 AUTHENTICATOR MANAGEMENT	15	2	2
💼 NIST SP 800-53 Revision 4 → 💼 IA-8 IDENTIFICATION AND AUTHENTICATION (NON-ORGANIZATIONAL USERS)	5
💼 NIST SP 800-53 Revision 4 → 💼 PE-2 PHYSICAL ACCESS AUTHORIZATIONS	3
💼 NIST SP 800-53 Revision 4 → 💼 PS-3 PERSONNEL SCREENING	3

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v2.0 → 💼 PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions			8

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (8)

Policy	Logic Count	Flags
📝 AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢	1	🟢 x6
📝 AWS EC2 Instance IAM role is not attached 🟢	1	🟢 x6
📝 AWS IAM User has inline or directly attached policies 🟢	1	🟠 x1, 🟢 x5
📝 AWS IAM User with console and programmatic access set during the initial creation 🟢		🟢 x3
📝 AWS S3 Bucket MFA Delete is not enabled 🟠🟢	1	🟠 x1, 🟢 x6
📝 Azure App Service Authentication is disabled and Basic Authentication is enabled 🟢	1	🟢 x6
📝 Azure App Service Basic Authentication is enabled 🟢		🟢 x3
📝 Consumer Google Accounts are used 🟢		🟢 x3

Internal Rules

Rule	Policies	Flags
✉️ dec-x-6c93750d	1
✉️ dec-x-4157c58a	1
✉️ dec-x-ca52f63a	2
✉️ dec-z-79f4ab88	1

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (8)
Internal Rules