💼 IA-2 IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)

  • Contextual name: 💼 IA-2 IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)
  • ID: /frameworks/nist-sp-800-53-r4/ia/02
  • Located in: 💼 IA IDENTIFICATION AND AUTHENTICATION

Description

The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Similar

  • Internal
    • ID: dec-c-6ecbf78d

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 NIST CSF v1.1 → 💼 PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes | 1922
💼 NIST CSF v1.1 → 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions | 48
💼 NIST CSF v1.1 → 💼 PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks) | 1922

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags
💼 IA-2 (1) NETWORK ACCESS TO PRIVILEGED ACCOUNTS
💼 IA-2 (2) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS
💼 IA-2 (3) LOCAL ACCESS TO PRIVILEGED ACCOUNTS
💼 IA-2 (4) LOCAL ACCESS TO NON-PRIVILEGED ACCOUNTS
💼 IA-2 (5) GROUP AUTHENTICATION
💼 IA-2 (6) NETWORK ACCESS TO PRIVILEGED ACCOUNTS - SEPARATE DEVICE
💼 IA-2 (7) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS - SEPARATE DEVICE
💼 IA-2 (8) NETWORK ACCESS TO PRIVILEGED ACCOUNTS - REPLAY RESISTANT
💼 IA-2 (9) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS - REPLAY RESISTANT
💼 IA-2 (10) SINGLE SIGN-ON
💼 IA-2 (11) REMOTE ACCESS - SEPARATE DEVICE
💼 IA-2 (12) ACCEPTANCE OF PIV CREDENTIALS
💼 IA-2 (13) OUT-OF-BAND AUTHENTICATION

Policies (1)

Policy | Logic Count | Flags
AWS S3 Bucket MFA Delete is not enabled 🟠🟢 | 1 | 🟠 x1, 🟢 x6

Internal Rules

Rule | Policies | Flags
✉️ dec-z-bb7312921