πΌ IA-2(8) Identification and Authentication (organizational Users) | Access to Accounts β Replay Resistant
- Contextual name: πΌ IA-2(8) Identification and Authentication (organizational Users) | Access to Accounts β Replay Resistant
- ID:
/frameworks/nist-sp-800-53-r5/ia/02/08 - Located in: πΌ IA-2 Identification and Authentication (organizational Users)
Descriptionβ
Implement replay-resistant authentication mechanisms for access to [Selection (one or more): privileged accounts; non-privileged accounts].
Similarβ
- Sections
/frameworks/aws-fsbp-v1.0.0/iam/05/frameworks/aws-fsbp-v1.0.0/iam/06
- Internal
- ID:
dec-c-fb2286b2
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ AWS Foundational Security Best Practices v1.0.0 β πΌ [IAM.5] MFA should be enabled for all IAM users that have a console password | 1 | |||
| πΌ AWS Foundational Security Best Practices v1.0.0 β πΌ [IAM.6] Hardware MFA should be enabled for the root user | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ IA-2(8) Access to Accounts β Replay Resistant (L)(M)(H) | 2 | |||
| πΌ FedRAMP Low Security Controls β πΌ IA-2(8) Access to Accounts β Replay Resistant (L)(M)(H) | 2 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (2)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account Root User Hardware MFA is not enabled. π’ | π’ x3 | |
| π AWS IAM User MFA is not enabled for all users with console password π’ | 1 | π’ x6 |