Identification and Authentication - Level 3
CMMC IA.3.086 - Disable Inactive Accounts
Requirement text: IA.3.086: Disable identifiers after a defined period of inactivity. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Inactive identifiers pose a risk to organizational information because attackers may exploit an inactive identifier ...
CMMC IA.3.085 - Prevent Reuse of System Identifiers
Requirement text: IA.3.085: Prevent the reuse of identifiers for a defined period. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Identifiers are provided for users, processes acting on behalf of users, or devices (IA.1.076). Preventing reuse of ...
CMMC IA.3.084 - Employ Replay-Resistant Authentication
Requirement text: IA.3.084: Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Authentication processes resist replay attacks if it is ...
CMMC IA.3.083 - Use Multifactor Authentication
Requirement text: IA.3.083: Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Multifactor authentication requires the ...