National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

NIST Special Publication 800-53 (Rev. 4)

Security Controls and Assessment Procedures for Federal Information Systems and Organizations

Access Control Control Family

Showing 25 controls:
No. Control Priority Low Moderate High
AC-1 ACCESS CONTROL POLICY AND PROCEDURES P1 AC-1 AC-1 AC-1
AC-2 ACCOUNT MANAGEMENT P1 AC-2 AC-2 (1) (2) (3) (4) AC-2 (1) (2) (3) (4) (5) (11) (12) (13)
AC-3 ACCESS ENFORCEMENT P1 AC-3 AC-3 AC-3
AC-4 INFORMATION FLOW ENFORCEMENT P1 AC-4 AC-4
AC-5 SEPARATION OF DUTIES P1 AC-5 AC-5
AC-6 LEAST PRIVILEGE P1 AC-6 (1) (2) (5) (9) (10) AC-6 (1) (2) (3) (5) (9) (10)
AC-7 UNSUCCESSFUL LOGON ATTEMPTS P2 AC-7 AC-7 AC-7
AC-8 SYSTEM USE NOTIFICATION P1 AC-8 AC-8 AC-8
AC-9 PREVIOUS LOGON (ACCESS) NOTIFICATION P0
AC-10 CONCURRENT SESSION CONTROL P3 AC-10
AC-11 SESSION LOCK P3 AC-11 (1) AC-11 (1)
AC-12 SESSION TERMINATION P2 AC-12 AC-12
AC-13 SUPERVISION AND REVIEW - ACCESS CONTROL
AC-14 PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION P3 AC-14 AC-14 AC-14
AC-15 AUTOMATED MARKING
AC-16 SECURITY ATTRIBUTES P0
AC-17 REMOTE ACCESS P1 AC-17 AC-17 (1) (2) (3) (4) AC-17 (1) (2) (3) (4)
AC-18 WIRELESS ACCESS P1 AC-18 AC-18 (1) AC-18 (1) (4) (5)
AC-19 ACCESS CONTROL FOR MOBILE DEVICES P1 AC-19 AC-19 (5) AC-19 (5)
AC-20 USE OF EXTERNAL INFORMATION SYSTEMS P1 AC-20 AC-20 (1) (2) AC-20 (1) (2)
AC-21 INFORMATION SHARING P2 AC-21 AC-21
AC-22 PUBLICLY ACCESSIBLE CONTENT P3 AC-22 AC-22 AC-22
AC-23 DATA MINING PROTECTION P0
AC-24 ACCESS CONTROL DECISIONS P0
AC-25 REFERENCE MONITOR P0