NIST SP 800-171 & CMMC 2.0 Control 3.5.4 Requirement:
Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.
NIST SP 800-171 & CMMC 2.0 3.5.4 Requirement Explanation:
Using secure authentication mechanisms can help prevent attackers from launching successful man-in-the-middle attacks. TLS is replay resistant, so using it to protect your network communications will meet this requirement.
Example NIST SP 800-171 & CMMC 2.0 3.5.4 Implementation:
Enable transport layer security (TLS) for access to your systems. Ensure that web based logins to your systems are protected (green lock in address bar). Use multifactor authentication to protect accounts accessed over the network.
NIST SP 800-171 & CMMC 2.0 3.5.4 Scenario(s):
- Scenario 1:
Using your internet browser you go to log into the admin page of a printer on your local network. Before logging in you notice that the connection is not secured with TLS and is unencrypted. You work with your team fix this so that connection to the page is protected with TLS.
Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:
Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Supply Chain Verifier
Trust is everything. Verify, monitor, and support subcontactor compliance.